Nutrium’s approach to GDPR compliance

Nutrium pays great attention to GDPR compliance. Read all the measures we respect in order to be GDPR compliant and keep your and your clients' data secure.

At Nutrium, we've always been aware of the importance that surrounds personal data privacy and security, be it from nutrition professionals or their patients.

It's based on that data that our project is built, and it's that informational core that allows us to provide you with a service known for its excellence.

With that in mind, we've started implementing, from an early stage, the General Data Protection Regulation (from now on GDPR), and we're happy to announce some news regarding your rights and your patients'.

From the beginning, we were always guided by a direct and transparent approach and now, in that spirit, we want to share the whole process with you. We invite you to read some of our next steps and ask you to follow us in our implementation plan.

What is GDPR?

GDPR is one of the most recent and ambitious Regulations of the European Parliament and the Council in Data Protection, laying down rules that aim to give back control over personal data to their rightful owners, the natural person.

As a result, a major number of companies processing personal data in the European Union, among other entities, must implement a group of new measures regarding the safety and management of the processing of that data.

In addition to these measures, full compliance with the new rights of the data subjects is also required, namely: the right to erasure (also known as “right to be forgotten”); the right to data portability; the right of access; among others.

You can check the English version of the Regulation here.

A privacy-focused page

The privacy we assure is only as good as your knowledge about it. With this in mind, we’ve carefully redacted a new Privacy Policy that meets the most demanding privacy measures known.

We are making sure that this policy is as transparent, clear, and concise as possible so that you have easy and privileged access to your rights, to detailed information about the data we collect and share, to the privacy mechanisms at your disposal, and your patients’, among much other information.

In addition, we've decided to concentrate all the information about the new implementations on a privacy-focused page on our website, to be published soon.

There you’ll be able to find our new Privacy Policy, the revised Terms, and Conditions of Use of our platforms, as well as a series of explanations on how to enforce your privacy rights. Last but not least, it will be on this page that you’ll find the contacts of our Data Protection Officer. This brings us to the next point.

Our Data Protection Officer

We've appointed a Data Protection Officer. It's of the utmost importance to Nutrium to ensure that all the steps we take towards GDPR compliance are audited and supervised by someone impartial, dedicated, and committed to the protection of your personal data and your patients'.

It's our DPO's task to make sure your concerns are addressed and your rights asserted. You can reach him at dpo@nutrium.com.

Increasing our security measures

We're in the process of revising all our security infrastructure on the website, servers, and App. We want to ensure the security and protection of the personal data in our servers and in your practice.

Here are some of the measures being implemented:

• New password requirements
• New and more strict SSL certificates
• Implementation of inactivity periods
• Revision of all our service providers and subprocessors contracts
• Two-step verification

The implementation of GDPR as a transparent and continuous process

We believe that GDPR compliance and implementation is a continuous and constantly improving process.

But we want to go above and beyond conformity. It’s with this in mind that Nutrium pledges, from this day on to keep improving continuously and uninterruptedly our privacy policies, general information, your personal data security, and your rights. And we want you to join us on our journey!

Leave us your suggestions and check our blog regularly for other news and updates.

We want to help you with GDPR compliance

While beneficial to all parties involved, GDPR can lead to some implementation difficulties. We are aware that professionals are also subjected to its requirements, and we want to help you implement it in your practice.

With this in mind, we'll be writing an article about GDPR compliance, explaining the broad lines of the Regulation and its repercussions to nutrition professionals.

If you have any questions, please don't hesitate to contact us at info@nutrium.com.