Kashoo News

What Is GDPR (and how to make sure your small business is compliant)

By May 3, 2018 No Comments

As many of you know, there has been a major upgrade to Europe’s data protection regulations—the EU General Data Protection Regulation (GDPR). Whether or not you have an EU presence, it is important for you, as a small business, to ensure that you are fully up-to-date and compliant. Not only will this regulation affect whether or not EU customers will use your product, it is also a positive change to for your overall business process and development as it gives you a chance to think about how data is collected, why it’s collected, as well as what is done with it. If you process any EU citizen data, which most companies do, this law WILL apply to you.

What Is GDPR?

After May 25th, 2018, any time you collect data linked to a citizen of the EU, they are entitled to know what data is kept, for what purpose, and for how long. All users will be entitled to “Right To Access”, “Right To Data Portability”, and “Right To Be Forgotten”. What this means is that they have the right to access and delete their data as easily as they provided it in the first place.

Read this overview written by the GDPR Alliance for the full gist of this new law and its requirements in relation to personal information collection.

Compliancy

In order to be compliant to this new regulation, your business must:

  • Ensure your Privacy Policy indicates the information you store about your customers and how you use it.
  • Implement a process to respond to DSR (Data Subject Rights) requests such as exporting or deleting customer data.
  • Ensure there is appropriate data security in place to prevent unauthorized access to customer data (“Data protection by design and by default”).
  • Change your sign-up process to ensure all registrants give explicit consent to collect their data. This can be an unchecked checkbox referring the Terms of Use and Privacy Policy which won’t allow any sign-ups unless it is checked.

What Kashoo Is Doing…

  • Users who sign up after April 26, 2018 would have to explicitly agree to our terms of service and privacy policy (data subject consent) by checking a checkbox.
  • Users wishing to withdraw their consent can do so at any time by contacting our Customer Success team.
  • Users wishing to export their data can do so self-serve in a variety of formats.

Whether or not you are currently serving or collecting data from clients who are citizens of the EU, it is still important to become GDPR compliant as soon as possible. Being aware and taking initiative on this matter shows that you value your clients’ privacy. Here at Kashoo, we care deeply about our clients’ privacy and data protection and are happy to become GDPR compliant.

If you have any questions about how this will affect your data, feel free to contact us directly through our live chat or through our email: answers@kashoo.com

Leave a Reply