Aircraft Disaster: Managing Aviation Personnel's Psychological Issues
In the digital age, maintaining privacy and transparency is paramount for businesses, especially when it comes to handling user data. Piano, a company that manages subscription services, has taken steps to ensure compliance with the General Data Protection Regulation (GDPR) in the European Economic Area (EEA).
When it comes to managing subscriptions, users can cancel or modify their subscriptions directly through external platforms such as Apple's iTunes. This allows users to control their subscriptions conveniently, with payments charged upon confirmation of purchase and auto-renewal occurring unless canceled at least 24 hours before the subscription period ends.
Regarding data transfer, Piano employs Binding Corporate Rules (BCRs), an approved mechanism by the European Data Protection Board (EDPB) that provides legal safeguards for international data transfers within corporate groups. This includes transfers to third countries, such as the USA, for the purpose of providing the external subscription service.
The legal basis for these data transfers is based on GDPR Articles 49 (1) (a) and (b). Article 49 (1) (a) allows transfers based on explicit consent when no other transfer mechanisms are available, while Article 49 (1) (b) allows transfers for the performance of a contract or to take steps at the request of the data subject. In this case, the user's consent for this data processing includes the transfer of personal data to third countries, such as the USA, for the purpose of providing the external subscription service.
Piano takes data protection seriously. They have undergone audits by French data protection authorities (CNIL) and maintain strong data protection measures, including consent management and privacy by design. Piano continuously validates and updates its privacy and security frameworks through annual verification and surveillance audits, demonstrating ongoing compliance with evolving GDPR standards, including in contexts involving data transfer post-Schrems II decision.
In summary, Piano's external subscription service manages subscriptions via integrated external platforms directly controlled by users, while ensuring that any personal data transfer to third countries, including the USA, complies with GDPR through Binding Corporate Rules and explicit consent where applicable. This commitment to privacy and transparency is a testament to Piano's dedication to its users and the regulatory environment in which it operates.
For more details on data processing, users can find more information in the privacy policy and privacy statement, which are available at the footer of the offer at any time. Users can also withdraw their consent for data processing at any time via the "Revoke Tracking" link in the footer of the offer.
What about the integration of science, health-and-wellness, and mental-health with Piano's commitment to privacy and transparency? Piano could explore therapies-and-treatments that prioritize user privacy by developing secure platforms for online mental health services, adhering to GDPR regulations, and employing Binding Corporate Rules for international data transfers.
