As fellow alliance professionals, we understand that TRUST is the most critical part of being successful when going to market with your partners. This requires exceptional care and attention to detail when protecting your data—a responsibility we take very seriously.
So here's our promise to you:
WorkSpan's #1 priority has always been—and continues to be—making sure your experience is as safe and secure as possible, providing you with the information and control to feel comfortable running end-to-end alliance initiatives across company boundaries. This Trust Center ensures you'll always have access to our latest security, compliance, legal, and privacy information—with the ability to contact us regarding any questions or concerns.
But we didn't stop there. WorkSpan's groundbreaking security technology, Attribute Based Access Control (ABAC), lets you intuitively identify what you want (and don't want) to share—with which people, which companies, and when. No complicated legal jargon or confusing user experiences. Just simple, straightforward security and privacy controls at your fingertips.
WorkSpan stringently adheres to all GDPR tenants.
1. Right to access: You can access your personal profile and communication preferences via a secure page on WorkSpan.
2. Right to rectification: You can update your personal profile and communication preferences via a secure page on WorkSpan.
3. Right of erasure: You can request that we erase some or all of your personal data from our systems.
4. Right to portability: You can request an export of your personal data.
5. Right to object: You can contact us to let us know that you object to the further use or disclosure of your data for certain purposes.
WorkSpan can provide evidence for GDPR compliance—including requests for access of profile information, rectification, erasure, and portability requests. You can make a request to email@example.com.
WorkSpan has advanced data security strategy, capability, & policies in place.
Q: How safe is my data?
A: Access to your data is defined by attribute based access controls—allowing users, owners, and admins to have fine grained application access control far more advanced than traditional role based applications security models.
Data is stringently protected via encryption:
WorkSpan policies for its internal employees ensure safe and compliant handling of user data.
Q: What is the retention period for data in the system?
A: Application data related to company’s use of information is subject to company’s data retention policies. Data can be permanently deleted at user or company request. User’s personal data is removed after user is no longer part of WorkSpan.
Q: Do you have a data protection officer? If no, who is responsible for the GDPR Compliance function?
A: Yes, WorkSpan’s Chief Information Security Officer, Milind Joshi, is our data protection officer and responsible for GDPR compliance.
Q: Can I access the WorkSpan application from any region or geography?
A: Absolutely. You can access the WorkSpan application from anywhere in the world with secure credentials.
Q: Where is my data stored in WorkSpan?
A: Customer data is stored in secure enterprise-grade public clouds such as Google Cloud, Microsoft Azure, and Amazon Web Services.
Q: Does WorkSpan give me the capability to selectively share information with my partners?
A: With WorkSpan, you can easily enforce your company’s data privacy and access policy uniformly across all partner facing teams. You can share the data at a record level, and further restrict access at a field level in a shared record:
Q: How do I set the controls for who can share my data?
A: WorkSpan provides three modes for sharing: Owner Mode, Partner Mode, and Network Mode. These modes are set at a record level. Only Owners can set the sharing mode.
WorkSpan goes the extra mile to protect your data privacy.
Q: Does the system receive personal data from another system—if so, which?
A: WorkSpan does not receive personal data from another system.
Q: What categories of processing are performed on personal data and for what purpose?
A: We process personal data to operate, improve, understand, and personalize our services. For example, we may use personal data to:
Q: What categories of personal data are processed?
A: WorkSpan collects personal data about you when you provide such information directly to us, when third parties such as our business partners or service providers provide us with personal information about you, or when personal data about you is automatically collected in connection with your use of our services. WorkSpan applications use your:
In addition, via the WorkSpan website, if you sign up for a newsletter, event, webinar, etc. you may volunteer to provide telephone and physical address as needed.
Q: Does the personal data include special category data? Does the personal data include criminal convictions and offenses? If “Yes” please provide details.
A: No special, sensitive data (e.g. race, ethnicity, gender, trade union, health, sexual preference), or criminal convictions are ever captured on WorkSpan.
Q: Does the system provide a privacy statement or notice?
A: Yes, WorkSpan provides a privacy statement. Please find a copy here.
Q: Where can I find my user agreement?
A: You can find the user agreement at sign up and in your personal profile page. Please find a copy here.
Q: How does WorkSpan communicate MDF terms and conditions with partners?
A: In your WorkSpan instance, navigate to the strategy tab on the Programs page. At the bottom of this page, you can find the program policy documents. Similarly, the Campaigns tab has a section at the bottom of the page containing program policy documents for that particular program.
Q: Is an information security risk assessment performed at a planned interval or upon significant organizational, IT, or other relevant changes? Are documented risk assessment results retained?
A: Yes, information security risk assessment is performed annually and after every major change. Risk assessment is presented to the leadership team for discussion and action.
Q: Does your organization provide information security awareness training to employees and relevant third-party contractors upon hire, and at least annually thereafter?
A: Yes, WorkSpan treats security and privacy as a top priority and conducts awareness training for employees and contractors annually and upon hire.
Q: Does your organization define capacity requirements and monitor service availability?
A: WorkSpan monitors services availability and capacity in real-time, and auto provisions for higher availability for peak performance and failover.
Q: Does WorkSpan provide an audit trail for all activity?
A: Absolutely. WorkSpan has an “always on” audit trail that gives you accurate and reliable information at all times of who did what and when in the system.
Q: Can I remove or replace an existing user profile from the WorkSpan system?
A: Yes. An existing user can be removed from every WorkSpan object with a single click. It's just as quick and easy to remove a user as it is to replace an existing user with another in the system.