Ensure GDPR and Data Security compliance in your production
SetKeeper offers features to help customers comply with regulatory and studios requirements. SetKeeper is officially vetted by studios InfoSec teams worldwide and fully supports the General Data Protection Regulation (GDPR) for all users.
SetKeeper helps you comply with data privacy requirements
SetKeeper Practical Guide to GDPR Compliance for Production Companies and Studios
It is necessary for all Production companies and Studios to have data protection tools in place to ensure compliance with the GDPR provisions. We have designed this Practical Guide to help both your productions and SetKeeper meet the GDPR requirements together. Download this FREE Practical Guide here.
Training and Privacy awareness
All SetKeeper employees have been given GDPR training using IAPP Privacy Core® resources. Training sessions are conducted upon hire for all new employees and annually thereafter.
All our current sub-processors are reviewed on an annual basis to ensure they meet security and privacy requirements required for GDPR. View list of authorized sub-processors
Data Privacy FAQs
Who can access my personal data?
Production companies, their staff and their agents or service providers have access to the personal data and information you provide to them. Certain SetKeeper employees may also access some of your personal information for strictly administrative purposes and/or to perform the services we provide.
You have the right to access your personal data at any time. This is commonly referred to as “subject access”. You can make a subject access request, for free, in writing to email@example.com.
Where is my personal data stored, and under what regulatory requirements?
Servers that run the SetKeeper application are based in the European Union, operating under the GDPR framework.
Does Setkeeper share data with third-party entities?
SetKeeper shares data with a list of selected sub-processors for the purposes of running the service. All our sub-processors are reviewed on an annual basis to ensure they meet the security and privacy requirements mandated by the GDPR framework.
How long does SetKeeper keep personal data and what happens to my personal data at the end of a project?
What steps has SetKeeper taken to be GDPR-compliant?
We offer our users a simple way to request data removal: you can email us at firstname.lastname@example.org.
All SetKeeper employees receive GDPR training using IAPP Privacy Core® resources. Training sessions are conducted upon hire for all new employees and reviewed annually thereafter.
All our current sub-processors are reviewed on an annual basis to ensure they meet security and privacy requirements required for GDPR.
How does SetKeeper secure personal data and sensitive files?
SetKeeper has been designed to fully meet regulatory requirements. We undergo routine information security audits by studios and independent experts (such as the Digital Production Partnership) to ensure your data is always protected. Please read our Security page for more information about User Management, Security, and Data Collection and Processing.
SetKeeper is built to comply with the strongest business continuity requirements
SetKeeper databases are automatically backed up in real time and stored in a secure and remote data center not directly linked with our production servers to ensure redundancy of your data. Our server architecture is redundant, meaning even if one server fails, the system stays active and accessible. We maintain more than 99% uptime, which guarantees you service continuity and quality assurance.
Our system is designed to re-deploy automatically and identically in case of failure. Our database is designed to automatically restore from our real-time backup at any time using a secured channel.
We report any incident that happens on our platform by informing all impacted users via email or in-app chat if available. Our support team is trained to resolve any incident and is available 7/7 by email and phone.
SetKeeper protects and secures your data
Single Sign On
SetKeeper offers Single Sign On implementation compatible with Google Suite, Outlook and Microsoft Azure AD.
Firewall and Antivirus
The SetKeeper system is protected through a strong firewall to filter connections to our servers. SetKeeper also offers an advanced security option, which allows each file uploaded to and downloaded from SetKeeper to be scanned by an antivirus.
Encrypted data transfers
Server to client communications are encrypted with TLS (HTTPS). The system is designed to prevent any plain communication through the Internet.
Ultra-secure data centers
SetKeeper only stores and processes data in Tier 3 data centers, with biometric access control, onsite energy production systems and all IT equipment being dual-powered and provided with two redundancies. SetKeeper runs on top of the same cloud providers as Comcast, Netflix, Lionsgate, NASA, Dow Jones, etc.
Our servers are hosted on AWS. Here are AWS IT standards we comply, broken out by Certifications and Attestations; Laws, Regulations and Privacy; and Alignments and Frameworks. Compliance certifications and attestations are assessed by a third-party, independent auditor and result in a certification, audit report, or attestation of compliance.