GDPR Compliance Assurance: Statement for Our Customers

Purpose of this Statement 

Avora Holdings LTD (“Revenue Grid”) is committed to compliance with the General Data Protection Regulation (GDPR), which came into effect on May 25, 2018 in the European Union (EU) and the European Economic Area (EEA) and is one of the strictest privacy legislation regulations worldwide. 

Since GDPR was announced, we have been adjusting our policies and procedures to make sure we meet these requirements. The GDPR applies to any organizations established in the EEA as well as ones established outside the EEA, when their processing activities relate to the offering of goods and services to individuals in the EEA or to the monitoring of individuals’ behavior within the EEA. The regulation contains the most significant changes to the European data privacy legislation over the last 20 years. It is designed to give EU/EEA citizens more control over their data and seeks to unify a number of existing privacy and security laws under one comprehensive law. 

 Our customers can trust that Revenue Grid has made GDPR a priority and has devoted significant and strategic resources toward our efforts to comply with GDPR. We believe that privacy is a very important right of Revenue Grid Services users and want to assure all our customers that we are working hard on ensuring this compliance in every area of our business. When this statement mentions “Revenue Grid” “we,” “us,” or “our,” it refers to “Avora Holdings Ltd.” 

Within this statement we want to highlight the measures we have put in place to ensure compliance with the GDPR at every point where we hold or process personal data on your behalf. 

What Revenue Grid is doing 

Revenue Grid takes into account that our customers have requirements under GDPR that are directly impacted by their use of our products and services, and Revenue Grid is committed to helping our customers fulfill all their requirements under GDPR and local law. 

We strive to build in privacy protection considerations into everything we do. We apply essential privacy and security guidelines and practices to safeguard all personal information that passes through our Services; that also includes protecting any usage data collected from our customers and the end users and through our products and services. You can also review our Privacy Policy.  

Revenue Grid initiatives 

Find below some of the initiatives Revenue Grid has performed to in order achieve full GDPR compliance, applied both to Revenue Grid and our customers: 

  • Ensuring that our products are designed in accordance with ISO27001, ISO27002 and ISO27018 standards. These standards mirror many of the security and privacy requirements of GDPR and will help give our customers a transparent framework to measure our software development and data management practices. 
  • Commitment to follow all additional security and privacy measures introduced under GDPR. 
  • Where we are transferring data outside of the EU, committing to appropriate data transfer mechanisms as required by GDPR.  
  • Assisting with data processing security and privacy requirements, notifying regulators of personal data breaches and promptly communicating any such breaches to our customers and users. 
  • Ensuring that all our staff entitled to access and process Revenue Grid customer personal data have been trained in secure data handling and are bound to maintain the confidentiality and privacy of the data. 
  • Holding any affiliated vendors and partners entitled to handle the personal data to adhere to the same data security management and privacy protection practices and standards to which Revenue Grid adheres. 
  • Commitment to carrying out data impact assessments and consulting with the corresponding EU regulators, where appropriate. 

Where does Revenue Grid transfer and process customers’ data? 

Our mission is to provide our customers with secure, fast, and reliable Services. We run our Services with industry standard operational practices via a framework distributed across multiple jurisdictions. Presently, Revenue Grid’s data transfer and computing resources are hosted in the secure Microsoft Azure architecture established on data centers located in the EU and USA. 
Revenue Grid staff may access data stored on servers in the EU/EEA from a non-EU/EEA country (e.g., USA or Ukraine) for technical and customer support related reasons. 

Our basic principles 

Revenue Grid is fully committed to customers’ success with our Services and Products and maximum protection of customer data. Our customers can completely count on our dedication to GDPR compliance. 

  • You own your data, and we’re committed to protecting your privacy. 
  • Our customers-focused approach ensures that security is a top priority. 
  • We strive to adhere to widely accepted standards and regulations to keep the customers at ease. 
  • We are transparent with our policies to help you understand how we manage your data. 

Validating our Practices 

Independent third-party audits 

We engage independent third parties to audit our practices, and procedures in terms of world’s most sought after information security management standards and regulations. These reviews occur on a regular basis and are conducted by globally respected audit and security firms which are independent and thorough in their evaluations. We take their reports and feedback very seriously and established processes in place to address any issues that present risks to us or our customers. 

External and internal application security testing 

Our Security team performs automated and manual application security testing and network vulnerability testing on a continuous basis to identify and mend potential security vulnerabilities and bugs on our desktop, web, and mobile applications involved in Services provision. We also cooperate with third party security specialists as well as other industry security research community members. 

Ongoing improvement 

A critical part of any information security management program is constant development of security and compliance programs, systems, and controls. Revenue Grid is committed to collecting and integrating feedback from different internal teams, the customers, internal and third-party auditors, and to improving our security, privacy and compliance processes and controls. 

Protecting your privacy 

We believe you should always know what data we collect from you and how we use it, and that you should have a meaningful control over these. 

Our Privacy Policy is intended to help you understand: 

  • What information we collect about you 
  • How we use the information we collect 
  • How we share the information we collect 
  • How we store and safeguard the information we collect 
  • How to access and control your information we collected 
  • Other important privacy information 

 To have your information amended, corrected, or deleted, or if you have any questions with regard to your personal information, feel free to contact us 

Avora Holdings LTD. 
650 Castro St, 
Suite 120/385 
Mountain View, CA 94041 
E-Mail: [email protected]