As you will no doubt be aware, a new set of data protection regulations known as the GDPR will be arriving on the 25th May. These regulations are wide reaching and change the way organisations process your data. Like every other company operating in the EU, these regulations apply to us and we've spent the last 6 months making sure everything is ready and that we're fully compliant.
I am pleased to say that we're now confident that we're GDPR-compliant and ready to welcome these new regulations with open arms. Fortunately, we were already able to tick many of the boxes relating to data retention, rights to erasure and only collecting required data. For us, this exercise was one of documentation and making sure we knew the ins & outs of all the data processed by our systems. Here are a few of things we've been doing:
Completing a full audit of data within any of our systems.
Ensuring any personal data that we no longer need is removed from our systems as soon as is practical.
Educating our whole team on the importance of privacy and their responsibilities under the GDPR.
Reviewing all our own internal development & security policies to ensure privacy is at the core.
If you store any personal data in any account that you have with us, you need to be aware of it and ensure that is suitably audited in your own GDPR compliance projects. Remember, personal data includes anything that can identify an individual, so names, e-mail addresses, IP addresses and more are included.
As part of this project, we've also re-written our Terms of Service to improve the wording & consistency throughout but also to include appropriate information regarding our obligations in situations where we act as a data processor. You can find updated Terms of Service on each of our product websites.
We hope all of this helps assure you that we're fully committed to protecting your privacy but if you have any questions please don't hesitate to drop us an e-mail and we'll be happy to help.