Manhattan maintains a strong data privacy program designed to comply with all applicable data processing regulations, including, but not limited to: General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), Canada’s PIPEDA Act, Brazil’s LGPD, and various U.S. state privacy laws, as applicable.
Our dedicated security governance and privacy teams are responsible for developing and overseeing the privacy and security practices of our organization. We continuously seek to enhance our privacy culture and all employees undergo privacy and security training.
In May 2018, the General Data Protection Regulation (GDPR) took effect. The GDPR is a European Union regulation that seeks to harmonize existing data protection laws across Europe and is designed to strengthen data protection rules for the processing of personal data of EU residents, including the transfer of personal data outside the EU.
Manhattan has committed to incorporating the GDPR’s core principles and requirements into our global privacy and data protection programs. We maintain a Data Protection Officer (DPO) and conduct internal assessments to evaluate our readiness to meet and maintain our obligations under the law.
Manhattan protects the transfer of data between its corporate entities with a comprehensive Inter-Company Data Transfer agreement, which includes the most current EU Standard Contract Clauses to ensure full GDPR compliance.
We consider the protection of information and information systems to be critical for the success of the company and our customers.
Our applications are built with security by design, with an emphasis on ensuring all data always remains secure. The collection, storage, transmission, and access of customer data is designed and implemented with a special focus on data security.
Industry-standard encryption protocols such as AES and TLS v1.2 are utilized to protect all data within our Manhattan Active® solutions.