Data Processesing, GDPR, and Trakstar

From the desk of:

Julie Rieken

CEO, Trakstar


May 16, 2018


To all of our Valued Customers:

Sparked by recent events and new legislation like the GDPR, Trakstar saw an opportunity to revisit and strengthen the strong data processing policies we already had in place. We’re confident that today, we’re better than ever before.

There are two things I wanted to share. First, our 7-point approach to data processing.  Second, what our interconnected approach means for our customers.

We approach Data Privacy in seven (7) specific ways, beginning our Employee Handbook, through the technical handling of customer data, and everything in between.


  1. Employee Handbook: We expect Trakstar employees to treat customer data as their own. We train employees to follow company policies and procedures around data handling and monitor our actions in every department.
  2. Privacy Policies: Our Privacy Policies explain how Trakstar collects data from both leads and existing customers, and what we do with the data. Our policies are EU-US Privacy Shield compliant and are current as of May 2018.
  3. Customer Agreement: Our Customer Agreement defines confidential information, explains both Trakstar responsibilities and those of the customer around data, and how we’ll return data if we break up.
  4. Data Processing Addendum (DPA): In conjunction with our Customer Agreement and the acceptance of our Privacy Policy, we may provide a customer with a copy of our standard DPA.  This Addendum works in harmony with our Customer Agreement and builds on it, providing more detail on how we handle data.
  5. EU-US Privacy Shield: Trakstar is approved as EU-US Privacy Shield compliant, which means we take care in the transferring of data between the US and the European Union. It also says that in the event of a dispute, we agree to let an arbiter work with us to resolve issues.
  6. GDPR Compliance: We’ve studied the GDPR, understand the 11 principles, and have addressed each one. We’ve created policies on how to handle personally identifiable information in accordance with the GDPR, whether that information is from a potential customer or an existing one. We’re ready for the May 25, 2018 GDPR go-live date.
  7. Insurance Policies: Trakstar holds a comprehensive Cyber Insurance policy to protect us and our customers from cyber dangers.


What our interconnected approach means for our customers:

We’re proud that our approach to data processing, while always strong, has improved.  We plan to lead the way with best practices – with each piece of our strategy building on the next.  It means our existing customers and customers-to-be will benefit from the harmony of our approach and can feel secure in doing business with us.

In plain language, it also means we will be taking a position to maintain continuity with Customer Agreements.  We’ll offer a standard DPA only in specific, necessary situations.

Our seven points are interconnected, for our good and the good of our customers, making Trakstar the best company to help you find and recruit the best employees, then manage and modernize your performance reviews.

Thanks for being a Trakstar customer. We appreciate each and every one.


Kind regards,

Julie Rieken

CEO, Trakstar