What is the GDPR?
On May 25th 2018, the General Data Protection Regulation (GDPR) will come into effect. The aim is to protect the personal data of all EU citizens. Whatever the location of your business, if you store Personally Identifiable Information (PII) of EU citizens, or if your marketing campaigns target EU citizens, these changes may affect you.
Does GDPR Affect My Business?
Transparency and communication with your customers (in the EU) are key elements of the GDPR. As part of the new regulation, you must let your customers know how you collect, store, and use their data, in a clear and transparent way. In addition, you must comply with your customers’ requests to receive a copy of their data that is processed within your business processes.
How We’ve Prepared for GDPR
We’re Certifying for International Data Transfer
“The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks were designed by the U.S. Department of Commerce and the European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce.” (https://www.privacyshield.gov/welcome).
Details of our certification status are here: https://www.privacyshield.gov/participant?id=a2zt0000000TNY1AAO&status=Active.
We’ve Coordinated with our Vendors and Subcontractors
We’ve signed Data Processing Agreements with our Vendors and Subcontractors. For example, the bulk of our data processing and transfer operations occur within our datacenter, Amazon Web Services (AWS) – and we’ve signed their DPA.
Use WebsiteAlive’s New GDPR Tools to Access and Delete your Customer’s Data
In accordance with the GDPR, site visitors have the right to access their data or “be forgotten” (to be permanently deleted from your databases). WebsiteAlive has developed the two main tools to assist you in becoming GDPR compliant within WebsiteAlive:
- Right to access (a download of all chat transcripts for a user based on email)
- Right to be forgotten (deletion of all chat transcripts for a user based on email)
To access this, log into your Administrator account, click on Basics -> Compliance Tools, and create a New Data Request. This feature is only available for Administrators and not Operators with Admin Access.
Questions? Feel free to connect with us at firstname.lastname@example.org.