The EU General Data Protection Regulation (GDPR) sets a new standard for how companies use and protect EU citizens’ data. It took effect on May 25, 2018.
At Appbot we’ve worked hard to ensure that we fulfil our GDPR obligations and maintain our transparency about privacy and security.
Our customers can trust that we will continue to make GDPR a priority and have devoted significant resources toward our efforts to comply with it. This post outlines our approach.
What’s GDPR?
The EU General Data Protection Regulation (“GDPR”) is a comprehensive data protection law that came into effect on May 25, 2018. The regulation contains the most significant changes to European data privacy legislation in the last 20 years. It is designed to give EU citizens more control over their data and seeks to unify a number of existing privacy and security laws under one comprehensive law.
How does Appbot approach GDPR compliance?
Like many other software companies, we have implemented our company-wide GDPR compliance strategy leading up to May 25, 2018 and beyond.
Here are the key things we are doing to ensure both ourselves and our customers are able to meet GDPR obligations:
Revisions to our Privacy Policy
We have updated our Privacy Policy to strengthen your privacy rights generally, and we have included changes to address the GDPR specifically. Although GDPR only applies to our users in the EU we have updated our Privacy Policy for all users to afford everyone the same level of protection.
We’ve updated our Data Processing Agreements (DPAs)
Strong data protection commitments are a key part of GDPR’s requirements. Our updated Data Processing Agreement (DPA) shares our privacy commitments and sets out the terms for Appbot and our customers to meet GDPR requirements. By using Appbot, you agree to be bound by the terms of the DPA.
We’ve appointed a Data Protection Officer
We have a dedicated Data Protection Officer to oversee and advise on our data management. Get in touch by emailing dataprotectionofficer@appbot.co.
We co-ordinate with our vendors
We reviewed all our vendors and arranged similar GDPR-ready data processing agreements with them. We’ll continue to do this whenever we begin a relationship with a new vendor which might be subject to GDPR.
We’re taking new security measures
Security is a priority for us. We’ve built a robust security framework over the past couple of years, and we are committed to continual security improvement.
Appbot & GDPR FAQs
Where do we send customer data?
Our goal is to provide our customers with a secure, fast and reliable service globally. As a provider of a global service, we run our service with common operational practices and features across multiple jurisdictions. For example, we currently store data in data centers provided by Amazon Web Services (AWS) located in the US (see https://aws.amazon.com/security for information on their security practices).
We may also allow employees and contractors located in Australia and New Zealand access to certain data for product development, customer and technical support purposes. We disclose in our Privacy Policy that personal data will be transferred to the United States and possibly to other countries for purposes related to providing products and services.
Can you guarantee that my data will stay in a certain location (e.g., Europe)?
Appbot features require that data be transferred to the US. In all cases, Appbot commits to ensuring such transfers are compliant with applicable data transfer laws, including GDPR.
Questions?
Feel free to reach out if you have any questions about GDPR – we’d be happy to chat with you about it.