MyGate, India’s largest security and community management solution, has significantly strengthened its commitment to information privacy by announcing that it has implemented General Data Protection Regulation (GDPR) guidelines. In doing so, it becomes among the first Indian consumer companies to embrace the stringent requirements of the European Union’s GDPR directive, widely considered the global gold standard for data privacy and protection.
MyGate is now in the process of enabling all its 9000+ societies to adhere to GDPR guidelines, which it will complete by August 1, 2020. With this enhancement, MyGate as well as the resident welfare associations (RWAs) that govern its societies, will also be fully ready to comply with the requirements laid out in the Personal Data Protection Bill, 2019, which is soon expected to be enacted into law.
GDPR seeks to empower users by allowing them to retain control over their personal information, dictating that it be collected with consent and only for reasonable, lawful and specific purposes; that users be given the right to be forgotten; that companies put in place systems and protocols to identify data breaches and report these to users; and that companies designate a Data Protection Officer to ensure correct processing of user data.
Commitments under GDPR
MyGate’s existing products and services adhered to many of the above-mentioned principles; however, the company has spent the past several months seeking the counsel of GDPR experts and implementing their changes, before submitting itself to an independent audit earlier this year. The most important of these are as follows:
Auto log deletion: The digital log of visitors to societies that use MyGate’s app will now be wiped out mandatorily every 180 days, with the option to do so after shorter periods of 60 and 120 days as well.
Right to be forgotten: Users will now have the ability to delete all digital records of their personal information from MyGate systems via the app.
Numberless entry: Visitors to societies that use MyGate will no longer need to input their phone number, nor will it be necessary for a phone number to be shared for a resident to create an invite; a name and flat number would be adequate.
Viewable access log: All users will now be able to access a log (if any) containing when his/her personal information was viewed, by whom (including MyGate service agents responding to customer queries), and for what reason.
Masked information: All personal data will be masked and all access to the data will be logged.
Systematic Rollout In Progress
The effort to implement GDPR-readiness across its societies began in the second half of May and has met with an overwhelmingly positive reception from residents and management committees alike. The company is conducting dedicated sessions for each society, in order to communicate the benefits and implications of the changes. The exercise will be implemented at all its societies by August 1, 2020.
Vijay Arisetty, CEO & Co-Founder, MyGate, said, “Ensuring privacy and security of all user information has been a guiding principle since our inception. The implementation of GDPR guidelines is a clear validation of this intention, and I’m extremely proud that we’ve been able to meet no less than the stringent requirements set by the European Union. This, however, does not signal the end of our efforts, as we will introduce features and controls that set benchmarks with regard to data privacy for consumer apps the world over.”
Shreyans Daga, CTO & Co-Founder, MyGate, said, “Handing over complete information control to users is the dream of every tech company but it’s also an extremely complex task. I’m extremely glad that we put in the months of effort that was required for seeing this through and eager to see the changes implemented across our 9000+ societies – months before the landmark upcoming Indian legislation on information privacy.”