Corporate GDPR Statement

In May 2018, the EU General Data Protection Regulation (GDPR) replaces the existing 1995 EU Data Protection Directive (European Directive 95/46/EC).

IOB LLC currently complies with applicable data protection regulations and is committed to GDPR compliance across its relevant services when the GDPR takes effect May 25, 2018. IOB LLC has a dedicated internal team made up of cross-functional stakeholders overseeing IOB LLC’s GDPR readiness. IOB LLC’s ongoing compliance efforts include:

Assessment

IOB LLC has reviewed where and how our relevant services collect, use, store and dispose of personal data and has updated policies, standards, governance and documentation where needed. IOB LLC is dedicated to keeping such due diligence current and carrying out re-assessments periodically and/or as required by changed circumstances.

Contractual Commitments

Working in conjunction with our partners and customers, IOB LLC is reviewing our contractual commitments and updating as needed to directly address GDPR requirements. IOB LLC has released a Data Processing Addendum (DPA) with provisions to assist our partners and customers with their GDPR compliance.

Cross-border Data Transfer

In addition to ensuring IOB LLC’s contractual commitments meet the requirements to legally transfer data from the EU to the rest of the world under applicable law, IOB LLC plans to certify under the EU-US Privacy Shield Framework.

Employee Training And Awareness

All IOB LLC employees must complete data privacy and security training. IOB LLC will supplement existing training modules with GDPR-specific content. In addition to these training requirements, IOB LLC conducts ongoing awareness initiatives on a variety of topics, including data protection, security and privacy.

IOB LLC Investors, Partners, and Customers

Compliance with the GDPR requires a partnership between IOB LLC and our partners and customers in their use of applicable IOB LLC services. In this context, IOB LLC generally will act as a data processor and our partners and customers generally will act as data controllers. Working together, we hope to explore opportunities within our relevant service offerings to assist our partners and customers meet their GDPR obligations. In the meantime, IOB LLC encourages partners and customers to independently familiarize themselves with the GDPR.