DISCLAIMER: The content below is provided for informational purposes only and the information shared here is not meant to serve as legal advice. You should work with legal and other professional counsel to determine exactly how the GDPR may or may not apply to you.
What is GDPR
Any company doing business in Europe must furnish a record of everything they know about a customer at their request. EU Citizens have the right to be forgotten, which means they can request to be deleted from a system.
How to Prepare
Customer's Role in GDPR Compliance
You, our customer, are the Data Controller and Crowdskout is acting as your Data Processor for your audience. In this respect, you’ll want to take the following steps leading up to and after May 25th, 2018:
Perform your own research, modeling, vendor audit, and strategy steps at your organization to ensure you understand GDPR as it applies to your business, and to determine who in your database is impacted.
Be thinking about how you’ll handle consent. You should make sure that you are obtaining proper consent about collecting data from/about any of your audience impacted.
Crowdskout's Role in GDPR Compliance
Under GDPR, Crowdskout is the Data Processor acting on your behalf. To this end, Crowdskout's responsibilities include:
Only process personal data on instructions from the controller, and inform the controller if it believes said instruction infringes on the GDPR. In other words, a data processor may not opportunistically use or mine personal data it is entrusted with for purposes not outlined by the data controller.
Upon request, delete or return all personal data to the controller at the end of service contract.
Assist and contribute to compliance audits conducted by the controller or a representative of the controller.
Take reasonable steps to secure data.
Notify data controllers without undue delay upon learning of data breaches.
We want to help you prepare for the change and included more documentation below about GDPR for you to reference.