GDPR

GDPR

We are committed to your privacy and to GDPR.

The General Data Protection Regulation is a legislation designed to strengthen and unify data protection laws for Web users in the EU. The regulation became effective and enforceable on May 25, 2018.

What has GoDataFeed done about the GDPR?

GoDataFeed has been committed to GDPR compliance since early 2018, shortly after the announcement of these new requirements by the European Union.

Although we don’t store data in Europe, we took a proactive approach to these new regulations because we understand and appreciate the value of our customers’ rights to privacy.

Here is a brief outline of our GDPR compliance process:

  • Document areas product and business is affected by GDPR - COMPLETE
  • Appoint a Data Protection Officer - COMPLETE
  • Rewrite Data Protection Agreement - COMPLETE
  • Develop strategy and requirements to address how product is affected by GDPR - COMPLETED
  • Updated platform to respect “right to no-follow” - COMPLETE
  • Implemented required changes to internal processes and procedures to achieve and maintain compliance with GDPR - COMPLETE
  • Finalized and communicated full compliance - COMPLETE

What changes has GoDataFeed made to be GDPR Compliant?

We have taken steps internally to ensure compliance with the GDPR. We have added anonymity within our data feed and order management tools and have made changes to allow users to request data scrubbing and redaction.

What do GoDataFeed customers need to do?

If you use GoDataFeed to manage your clients’ accounts, there are two things that you might need to do depending on your account type and jurisdiction. Below are the changes we foresee might affect you as a result of using GoDataFeed for your clients:

Make sure your Terms of Service or Privacy Policy properly communicate to your users how you use GoDataFeed (and similar services). The GDPR can penalize you if this is not done clearly. We recommend you ensure policies are up-to-date and clear to readers.

If you'd like to see a list of GoDataFeed's subprocessors, visit this page: https://www.godatafeed.com/sub-processors

GDPR Frequently Asked Questions

What is GDPR?

The General Data Protection Regulation (GDPR) is considered to be the most significant piece of European data protection legislation to be introduced in the European Union (EU) in 20 years and will replace the 1995 Data Protection Directive. The GDPR enhances EU individuals’ privacy rights and places significantly enhanced obligations on handling data.

What does the GDPR regulate?

The GDPR regulates the processing of a data subject’s personal data in the European Union including its collection, storage and transfer or use. The GDPR gives data subjects more rights and control over their data by regulating how you should handle and store any personal data they collect.

What rights will data subjects have under GDPR?

The GDPR grants 8 fundamental rights to data subjects. These are:

  • Right to be informed - Entities must be transparent in how they are using personal data and must inform data subjects of this.
  • Right of access - Data subjects will have the right to know what personal data is held about them and how it is processed.
  • Right of rectification - Where reasonably possible, data subjects will be entitled to have personal data rectified/edited if they feel that it is inaccurate or incomplete.
  • Right to erasure - This is also sometimes referred to as 'the right to be forgotten', Here, data subjects have the right to have their personal data permanently deleted upon their request and they do not have to provide a reason for the request.
  • Right to restrict processing - Data subjects have the right to block processing of their personal data.
  • Right to data portability - Where reasonably possible, data subjects have the right to retain and reuse their personal data for their own purpose.
  • Right to object - In certain circumstances, data subjects are entitled to object to their personal data being used. This includes, if personal data is used for the purpose of direct marketing, scientific and historical research, or for the performance of a task in the public interest.

Who does the GDPR apply to?

The provisions of the GDPR apply to any entity that processes personal data of individuals in the European Union (EU), including tracking their online activities, regardless of whether the entity has a physical presence in the EU.

What is the difference between a Data Processor and a Data Controller?

A Data Controller represents the entity that determines the purposes, conditions and means of the processing of personal data. The Data Processor is the entity which processes personal data on behalf of the controller.

If you manage customer accounts within your entity’s relationship with GoDataFeed, you are the Data Controller of your customer’s personal data and GoDataFeed is the Data Processor. With respect to your entity’s own data, GoDataFeed is the Data Controller.