GDPR Compliant

Protect your users’ privacy with our GDPR Reporting Platform

OVATION’s new GDPR compliant reporting tool (Magellan) provides everything you need right at your fingertips to view and manage your wireless usage and expenses.

Easily navigate through our online reporting tool with meaningful dashboards filled with charts, graphs, and trends to help your company quickly identify risk areas. The dashboard is easily configurable for each user and offers drill down and export capabilities. Our tool coupled with OVATION’s years of wireless carrier experience and proprietary processes provides your company with a comprehensive managed mobility solution that is unmatched in the industry.

To be GDPR compliant, OVATION is authorized by our customers to access, store, present and destroy wireless data in line with the procedures outlined in our ISO 27001:2013 certification and the additional GDPR provisions. The policies and procedures around data handling are outlined in detail in our statement of applicability, and we are independently audited annually to maintain our certification.
About GDPR Personal Data Our Tool

The recent enactment of the Global Data Protection Regulation (GDPR) for the European Union has created a new standard for global data protection which has significant implications to businesses worldwide in regards to the collection, use and storage of personal information.

Contrary to popular belief, U.S. businesses can also be impacted with this new data privacy ruling and should take measures now to ensure their own data collection and processing of customer and employee data (including processing of data by hired third parties) meets the guidelines outlined in the GDPR.

Personal data is defined as any information which is related to an identified or identifiable natural person and can include but not limited to:
  • names
  • identification numbers
  • call detail records
  • phone numbers
  • email addresses
  • IP addresses
  • geo data tracking
  • location data and other factors
Specifically, with regards to the collection of wireless carrier data for employees’ mobile phone and data usage, OVATION process this data for the sole purpose of internal client reporting based on the agreed upon scope of each engagement. OVATION does not sell data to third parties
In our tool, four specific measures have been implemented for GDPR compliancy, in addition to the security and data privacy measures already available.
  • Pseudonymizing Call Detail Records - After a certain number of periods, Call Detail Records can be pseudonymized. The data is still there, and can, with some limitations, be used for analysis, but it is no longer possible to link the data to people. In that way, it has ceased to be Personal Identifiable Data. The number of periods after which pseudonymization is done can be set per account.
  • Ability to implement “right to be forgotten” for leaving employees- This functionality makes it possible to remove all references to employees that are no longer with the company.
  • Anonymize logbooks- All logbooks are anonymized after six months.
  • Reduce retention period for ad-hoc reports and electronic invoices - Retention period for generated reports and electronic invoices is set to three months.