FreeWiFi's GDPR Statement

In May 2018, the EU General Data Protection Regulation (GDPR) replaced the existing 1995 EU Data Protection Directive (European Directive 95/46/EC).

FreeWiFi currently complies with applicable data protection regulations and is committed to GDPR compliance across its relevant services. FreeWiFi has a internal team made up of cross-functional stakeholders overseeing FreeWiFi's GDPR ongoing compliance efforts, which include:

ASSESSMENT
FreeWiFi has reviewed where and how our relevant services collect, use, store and dispose of personal data and has updated policies, standards, governance and documentation where needed. FreeWiFi is dedicated to keeping such due diligence current and carrying out re-assessments periodically and/or as required by changed circumstances.

CONTRACTUAL COMMITMENTS
Working in conjunction with our partners and customers, FreeWiFi is reviewing our contractual commitments and updating as needed to directly address GDPR requirements. FreeWiFi has released a Data Processing Addendum (DPA) with provisions to assist our partners and customers with their GDPR compliance. FreeWiFi has also reviewed its existing supplier contracts to ensure GDPR compliance throughout its supply chain and will continue to conduct due diligence as new suppliers are onboarded.

CROSS-BORDER DATA TRANSFER
In addition to ensuring FreeWiFi's contractual commitments we do not transfer data from the EU to the rest of the world. Our entire infrastructure is hosted in Microsoft Azure using only datacenters located on EU territory.

EMPLOYEE TRAINING AND AWARENESS
All FreeWiFi employees must complete data privacy and security training. FreeWiFi has supplemented existing training modules with GDPR-specific content. In addition to these training requirements, FreeWiFi conducts ongoing awareness initiatives on a variety of topics, including data protection, security and privacy.

FreeWiFi Partners and Customers
Compliance with the GDPR requires a partnership between FreeWiFi and our partners and customers in their use of applicable FreeWiFi services. In this context, FreeWiFi generally will act as a data processor and our partners and customers generally will act as data controllers. Working together, we hope to explore opportunities within our relevant service offerings to assist our partners and customers meet their GDPR obligations. In the meantime, FreeWiFi encourages partners and customers to independently familiarize themselves with the GDPR.