× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. May 2018

Re: IBM and GDPR notices

I am getting GDPR letters from customers in the EU as well to sign. One
had an addendum that stated that I will:

"Allow access for the customer to my supplier system".

Doesn't that break the very rules and reasons of the GDPR? They'd be able
to see pretty much any customer in my records, what they purchased, when,
and with what type of payment method, etc...




On Wed, May 16, 2018 at 12:40 PM Jim Oberholtzer <
midrangel@xxxxxxxxxxxxxxxxx> wrote:

I get so many meaningless emails from IBM if I got this, I most likely did
not see it.

But this defaults to "you accept anyway" so why spend the money to send
these out?

Ridiculous.


--
Jim Oberholtzer
Agile Technology Architects


-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of
Jeff
Crosby
Sent: Wednesday, May 16, 2018 11:58 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Subject: Re: IBM and GDPR notices

Hmm. I got mine from IBM via email back on April 10. Maybe yours went to
spam? And now they're getting desperate to find you? :)





Dear Jeff Crosby
Personal Data and its protection are becoming increasingly important to
individuals and enterprises. As you may know, the European Union passed the
General Data Protection Regulation (GDPR) effective 25 May, 2018. The GDPR
is designed to ensure a consistent level of protection of the rights and
freedoms of natural persons with regard to the processing of their data and
to establish one set of data protection rules across the European Economic
Area (EEA).
The GDPR applies to all organisations established in the EEA but also to
organisations established outside the EEA, when their processing activities
relate to the offering of goods and services to individuals in the EEA or
to
the monitoring of individuals' behaviour within the EEA.
IBM is committed to GDPR readiness.
Your company may have one or more agreements in place with companies or
affiliates of the IBM group (hereafter "IBM"), where IBM provides a service
to you that involves the processing of your Personal Data by IBM.
Accordingly, IBM acts as processor of your Personal Data.
According to the GDPR (Article 28), both controller and processor, have the
obligation to enter into an agreement governing the processing of Personal
Data. The GDPR explicitly sets out requirements with regard to the content
of such agreement.
In order to comply with this statutory requirement, IBM has created an IBM
Data Processing Addendum (DPA) and applicable DPA Exhibit, which amend our
existing contracts, to apply in situations where IBM is processing Personal
Data within the scope of the GDPR. In the event of any conflict with
existing data privacy or security terms, the DPA and applicable DPA exhibit
shall prevail.
In order to ensure that our contracts are amended to comply with the GDPR,
we kindly ask you to take the following actions by May 24, 2018 (the "Due
Date"):
Please click this link

<redacted>
to review IBM's Data Processing Addendum (DPA) and DPA exhibit which
applies
to your IBM offerings to express your acceptance of its terms. If you need
to delegate the acceptance of the terms to someone else in your company,
please do this directly in the tool by changing the signer.
Note: Please
do not just forward this email to someone else, as they will not be able to
access the tool, unless they have been delegated to perform this action.
If no explicit consent is given by the Due Date, but you continue to use
the
services provided under the relevant IBM contract already in in place, the
GDPR terms as set out in the DPA, and associated to your offering with IBM
will apply to that contract. Such GDPR terms, apply to your contract with
IBM, to the extent that the GDPR applies to content. This will ensure GDPR
compliance.
If you believe IBM is not processing any of your Personal Data or the
Personal Data processed by IBM is not subject to the GDPR, please click the
"opt out" button when directed to accept the DPA, and provide the reasons
behind the "opt out" in the appropriate box. It is in both of our interests
to have a proper record of the steps we have taken to ensure compliance
with
the GDPR in order to be able to provide this to Data Privacy Supervisory
Authorities upon their request.
Additional details connected to your offering will be provided at the time
you place a new order with IBM or you renew the existing one.
If you have been contacted already by your IBM representative specifically
about compliance with the GDPR and its implications for your contractual
relationship(s) with IBM, please refer to him for the next steps to be
taken.
Your prompt cooperation is greatly appreciated. If you have any questions,
please access this link: www.ibm.com/data-responsibility/gdpr/terms/
welcome.jsp#!/chat
Privacy Shield is one of the approved certification mechanisms in the EEA
under GDPR Article 28.5 for personal data transferred to the United States;
for more information about IBM offerings and Privacy Shield see
https://www.ibm.com/privacy/details/us/en/cross_border_
transfers_via_privacy_shield.html.
<
https://www.ibm.com/privacy/details/us/en/cross_border_transfers_via_privac
y_shield.html
<https://www.ibm.com/privacy/details/us/en/cross_border_transfers_via_privacy_shield.html>

Additional information for customers about the GDPR and the IBM GDPR
Readiness Journey can be found here: www.ibm.com/gdpr Thank you.
IBM Global Markets



On Wed, May 16, 2018 at 12:44 PM, Jim Oberholtzer <
midrangel@xxxxxxxxxxxxxxxxx> wrote:

I just received a FedEx overnight delivery from IBM. It has a one
page form letter to "Dear Valued Client".



It basically says IBM will be complying with the EU GDPR regulations
(regulations without any enforcement mechanism, nor penalties) and go
to a web site that explains any of the terms/condition changes as the
result of this regulation.



Then it gets better, there is a unique identifier on the FedEx
envelope that you need to use to go onto the web site to indicate your
acceptance of the new terms. So, if like my assistant does, the
letter is extracted from the envelope and the envelope discarded
(since when do we keep those anyway?) now how are you supposed to go
onto the web site? Think of the mail rooms in larger organizations.
Geesh..



Better yet, they say that if you do nothing by the "due date" (May 24,
2018)
they assume you agree and off you go.



US based customers could have been serviced by the Post Office just as
easily and most likely cheaper. Why use FedEx? I swear the lawyers
at IBM make life so much harder and expensive than it has to be. I
wonder where the stock prices would be without this type of insane
expense.



HP, Cisco, Dell, and Brocade all sent me similar notices, via email....





--

Jim Oberholtzer

Agile Technology Architects



--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take
a moment to review the archives at
https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: http://amzn.to/2dEadiD




--


Jeff Crosby
VP Information Systems
UniPro FoodService/Dilgard
P.O. Box 13369
Ft. Wayne, IN 46868-3369
260-422-7531
direct.dilgardfoods.com

The opinions expressed are my own and not necessarily the opinion of my
company. Unless I say so.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe,
or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link:
http://amzn.to/2dEadiD

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: http://amzn.to/2dEadiD


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.