UXP is a technology that enables peer-to-peer data exchange over encrypted and mutually authenticated channels. It is based on a decentralized architecture where each peer has an information system that will be connected with other peers’ systems.
Peers communicate directly without intermediaries; all messages are signed and time-stamped. Each peer is provided with technical means to manage user authentication requirements and access rights and to monitor operational issues in the relevant UXP deployment.
UXP can be used as a set of technical measures necessary to ensure that the relevant laws and regulations, including legal requirements for personal data protection, are implemented for the data processing activities at hand.
Regarding personal data protection, UXP is essentially a set of tools and techniques for privacy engineering, i.e. it can be configured to assure that the engineered systems provide acceptable levels of privacy.
UXP is a configurable platform, not a turnkey solution. When Cybernetica’s clients choose UXP as a technology suitable for their specific use case, it is their responsibility to make sure that UXP is set up, configured and used in a way that complies with the relevant laws and regulations, including legal requirements for personal data protection.
If a UXP client acts as a data controller or data processor in the meaning of the personal data protection regulations applicable in the European Union, it is up to such data controller or data processor to duly fulfil their obligations in relation to regulators and data subjects whose personal data is processed by means of the relevant UXP deployment.
If you are a data subject concerned about your personal data being processed in a UXP deployment, please turn to the organisation responsible for the relevant UXP deployment.
Cybernetica will provide relevant documentation, software updates, trainings and other services to clients in order to facilitate their uptake and management of a UXP deployment, including assist clients in carrying out risk management activities and participating in regulatory proceedings.
Cybernetica acts merely as a technology provider and not as a data controller or data processor in the meaning of the personal data protection regulations applicable in the European Union.