General Data Protection Regulation (GDPR)

Committed to your Privacy: ARRIS and the GDPR

The General Data Protection Regulation (GDPR) will go into effect for all residents of the European Union on May 25, 2018.

Beginning May 25, 2018, the European Union (EU) will begin enforcing new legislation that regulates the way that companies handle people’s personally identifiable information (PII). These requirements are known collectively as the GDPR. GDPR affects any company that handles the personal data of EU residents, regardless of where that company is located.

ARRIS and GDPR

ARRIS, including Ruckus Networks, believe that our existing and prospective customers, as well as their end users connecting to our technology, have a right to privacy and the ability to control how their personal data will be used. We support this new legislation and are implementing key measures across our entire business.

Our work towards compliance is rooted in our long-standing commitment to privacy and data security. Over the years, we’ve built protection and tools into our solutions to enable our customers to securely manage the data that they provide us. This is a key tenet of our corporate responsibility, and it serves as the foundation for our steps towards GDPR compliance. 

Our Privacy Priorities

GDPR

Privacy and Security

One of our top priorities is maintaining the security of the PII that ARRIS and Ruckus have collected and continue to collect. As we adopt new systems and ways that we engage with our customers and end-users, we’re ensuring that we maintain the necessary protection and transparency for PII.

Consistency and Flow

Whenever data is transferred within our organization or to our partners or any third party, we’re ensuring that each link upholds the same commitment to security and privacy as we do. We’re committed to aligning the data handling between organizations and jurisdictions across all the entities that we touch, all over the world.

Design and Engineering

To maintain the safe and secure transfer of PII across our systems and solutions, today and in the future, we’re ensuring that our ongoing privacy efforts are built into our design and decision-making philosophies at the earliest stages of development. We are dedicated to creating solutions that are not only born with privacy in mind, but continue to deliver on the underlying value systems of security, privacy, transparency and control, as they inevitably evolve and improve.

GDPR Compliance

Both ARRIS and Ruckus have been preparing for GDPR for over a year. We have a dedicated and cross-functional team of experts to review processes and implement any necessary changes in our on-going efforts to ensure the requirements of the GDPR are met. We are taking stock of relevant systems, solutions and processes with the assistance of experts in the field to identify areas of focus, implement any changes and build best practices into our processes and capabilities. We will also work with our corporate customers, who own and operate ARRIS and Ruckus products, who decide how to implement them, and who control and manage data relating to those products.

Our GDPR Approach

  • Survey – Taking stock of all affected systems, solutions and processes
  • Identification – Identifying all areas for compliance and updates
  • Scheduling – Assigning schedules for progress and review
  • Review– Engaging internal and third-party assessors to validate compliance
  • Planning – Building compliance best practices into future systems and capabilities

ARRIS GDPR Compliance

Our specific steps towards compliance include:

  • Inventory: Building a comprehensive inventory of all related data processing activities and systems that handle Personally Identifiable Information (PII), personal data, and identifying and conducting security reviews with all third parties sharing PII

  • Tools: Developing capabilities and processes for handling Data Subject Access Requests (DSARs), including Right to Erasure and Right to Portability and creating Incident Response “playbooks” for how to report and respond to data breaches and security incidents

  • Security: Reviewing internal systems and applications, implementing data encryption as necessary, and building review processes to ensure PII is restricted and access is reviewed regularly

  • Updates: Revising privacy policies and statements to include transparency and other information as required by GDPR

  • Planning: Working directly with the Business Transformation Initiative to ensure proper GDPR compliance as new business systems come online

Ruckus Networks Products GDPR Compliance

Most Ruckus products are owned and operated by customers in their own premises that control with whom they share the data.

Our specific steps towards compliance include:

  • Review: Using leading third-party security compliance consultants to review our systems, and capturing the details of what data we process and how the customer has control over it

  • Tools: Adding tools to our products through roadmap updates that our customers can use to provide PII data visibility to data subjects as well as the ability to delete them

  • Design: Improving future product design processes to incorporate new data privacy elements

  • Communication: Adhering to GDPR’s requirement to communicate data breaches to affected parties in a timely manner

 Download the Details

FAQ for Customers and Prospective Customers

 

What does GDPR mean for me?

As a prospective ARRIS customer, consistent with our Privacy Policy, we will collect your explicit consent to receive communications through a specific channel by using opt-in checkboxes placed on various forms throughout our websites. If for any reason or at any time you wish to withdraw your consent, you may do so by simply unsubscribing. An unsubscribe link will be clearly visible in every email you receive from ARRIS.  You may also update your communication preferences to better tailor your experience.

How does ARRIS use my information?

ARRIS uses marketing automation tools to deliver a relevant experience for our current and prospective customers. These tools record your interactions with our website (via cookies) and email communications, as well as the information you provide through form submissions. This data is used to inform our content development efforts, as well as provide dynamic email and online experiences that we hope will better reflect your interests and needs. We will never sell this information to a third party, nor will we use this information to send you communications that are not related to those you consented to receiving.

What if I’m already an ARRIS customer?

Existing ARRIS customers who have entered into contracts with ARRIS have provided consent to perform the tasks agreed to in the contract. For prospective customers, the execution of a legal agreement will indicate your consent to perform the tasks agreed to in the contract. We’ll still attempt to gain your explicit consent for other marketing communications. We will also only send communications through your preferred channel related to either the administration of your account or to share information about complementary products and services. Of course, you’ll be able to unsubscribe or update your communications preferences at any time.

Related Information

GDPR Blog Posts

GDPR Resources

GDPR Contact

At ARRIS, we take your privacy and data security seriously. If you have any questions about how we collect, store or use your information, or about the new GDPR, please contact us.

  • ARRIS Contact Person, Gaines Carter

To submit a Data Subject Access Request (DSAR), please visit our ARRIS DSAR Forms page.