CellarStone Completes GDPR Audit

by Sarah Harvey / August 23rd, 2019

Independent Audit Reviews CellarStone’s Controls in Support of GDPR

Half Moon Bay, CA – CellarStone, a provider of systems, solutions, and services focused on incentive management, PaaS application development, and data integration, today announced that it has completed its GDPR audit. This audit verifies that CellarStone, in its role as a processor, has implemented safeguards that meet the protections required by GDPR and its data protection program is operating with sufficient effectiveness to provide reasonable assurance that the privacy, security, confidentiality, and integrity of personal information is protected.

The GDPR is a broad-sweeping data protection law effective May 25, 2018, created by the European Union to establish the rights of EU subjects with respect to their personal data. Additionally, the GDPR establishes the data protection obligations of entities processing the personal data of EU data subjects, wherever such EU person’s data is processed, whether in the EU or internationally.

It should be noted that a GDPR audit does not constitute a formal legal opinion, legal representation, or formal certification on behalf of a private company, an individual data protection authority or the European Union itself.

“GDPR will give our customers, especially those who are in the EU region, a greater control over their data; and we take the responsibility for its protection,” said Gopi Mattel, CEO of CellarStone, Inc. “As sales commission specialists, we understand the sensitivity of compensation data very well. The GDPR law extended the privacy and security principles of sensitive data to personal data too. Thus, we enhanced our procedures and controls to ensure that our company complies to the new rules under the GDPR.”

“Based on our objective analysis, CellarStone is performing its due diligence as a processor to safeguards the nonpublic personal information it is responsible for,” said Mark Hinely, Director of Regulatory Compliance at KirkpatrickPrice.

About CellarStone

CellarStone, Inc. is a premier firm in the Sales Compensation Management and Sales Analytics arena. CellarStone works with IT, Finance, Human Resources and Sales to manage and implement variable pay and sales commission systems. The CellarStone commission and analytic solutions have been successfully implemented for companies in many industries including, Retail, Banking, Staffing, Manufacturing, Consulting, Investment Management, Insurance, Medicare and many others. For more information please visit www.qcommission.com, www.qxchange.com, www.easy-commission.com, www.maxblox.com and www.cellarstone.com.

About KirkpatrickPrice, LLC

KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over 900 clients in more than 48 states, Canada, Asia, and Europe. The firm has over 13 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and CFPB frameworks. For more information, visit www.kirkpatrickprice.com, follow KirkpatrickPrice on Twitter (@KPAudit), or connect with KirkpatrickPrice on LinkedIn.