Keeping our customers’ information safe and secure is one of the highest priorities for Deltek. We have implemented and continually maintain strong security and privacy protections that reflect industry best practices, including relevant requirements under applicable data protection regulations. Deltek’s services are backed by technical and administrative safeguards and dedicated security, operational and privacy teams. As we work to enhance and develop our products and services, we have processes in place to incorporate security and privacy from the early stages of development.
Information & Frequently Asked Questions
Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, better known as the General Data Protection Regulation (GDPR), is designed to enable persons present in the European Union (EU) to better control their personal data. The GDPR identifies two primary parties in scope of its requirements – controllers and processors. Controllers determine the “purpose and means of the processing of personal data.” Processors process personal data “on behalf of the controller.” The GDPR became effective on May 25, 2018.
In the context of the GDPR, Deltek takes on the role of processor in its relationship with its customers. As a result of this role, Deltek has certain general responsibilities as outlined in the GDPR. Keeping customers’ information, including personal data, safe and secure is among our highest priorities and most important responsibilities. Deltek works to implement and maintain strong security and privacy protections that reflect best practices as it relates to the GDPR.
The California Consumer Privacy Act (CCPA) was signed into law on June 28, 2018 and goes into effect on January 1, 2020. The CCPA has a tiered applicability based on specific criteria, first to businesses, then to service providers, and lastly to third parties. It also creates an array of new consumer privacy rights and governs the sale and sharing of consumers’ personal information.
As with the GDPR, Deltek processes personal information through its products on behalf of its customers, some of whom may be subject to the CCPA. Our customers disclose their consumers’ personal information for the business purpose pursuant to a written contract or agreement entered into with Deltek. In the context of the CCPA, Deltek takes on the role of a service provider in relation to its customers who are governed by the CCPA. Deltek is well situated to meet its obligations as a service provider and is establishing processes to ensure the security and privacy features of its products provide the capabilities to enable customers to comply with their obligations under CCPA.
Deltek utilizes the Standard Contractual Clauses (SCCs), sometimes referred to as the Model Clauses, in accordance with Article 46(2)(c), as the approved cross-border data transfer mechanism for personal data collected by our customers from individuals in the EU that Deltek processes. The SCCs are incorporated in our Data Processing Addendum which is available at: https://www.deltek.com/DeltekDPA.
Deltek conducts regular audits against the SOC standards, discussed in more detail on our compliance page. We can provide copies of the SOC Reports upon request where appropriate. In addition, Deltek assesses certain products on a regular basis against the National Institute of Standards and Technologies’ Special Publication 800-171. For additional information on these assessments, please visit our compliance page. If you have any specific questions regarding Deltek’s compliance with any legal requirements, please contact email@example.com.
Deltek and its affiliates are located around the world. For more information, please visit our locations page.
Deltek has a robust security program and implements and maintains appropriate technical and organizational measures to ensure that data is secured, taking into account the state of the art technology, the costs of implementation, and the nature, scope, context and purposes of processing, as well as the risk of varying likelihood and severity of potential impact to the rights and freedoms of individuals. Visit our security page for detailed information.
Under the GDPR, Articles 37-39 discuss the designation, position, and tasks of a data protection officer. Deltek’s business practices do not require us to appoint a data protection officer as outlined under the GDPR. However, our Legal Department is responsible for overseeing Deltek’s privacy and data protection program, advising the business with regard to the impact of relevant laws and regulations on our processing operations, and serving as the primary point of contact for inquiries by individuals and supervisory or regulatory authorities. Questions may be submitted electronically to firstname.lastname@example.org or via mail to:
Attn: Legal Department - Privacy
2291 Wood Oak Drive
Herndon, VA 20171
If you are a customer, please consult your agreement with Deltek, which outlines what Deltek’s activities are in the scope of our provision of service or your purchase of our products. You can also contact your customer care representative.
If you would like to adjust your preferences for email communications, unsubscribe from certain types of communications or opt-out of all email communications, please visit our Email Preference Center. If you would like to re-subscribe, you can always opt back in through the same process.