AppMachine News Liz Bollema 17 May 2018
GDPR is short for the General Data Protection Regulation that goes into effect on May 25, 2018. It was passed by the European Parliament to create a harmonized data privacy law across member states of the European Union (EU). Its purpose is to support privacy as a fundamental human right and therefore give EU residents rights over how their personal data is processed or otherwise used.
The GDPR defines personal data as ‘… any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person’.
Additionally, the GDPR notes that online identifiers can constitute personal data. The GDPR explains, ‘… natural persons may be identified with online identifiers which are provided by:
Individuals, companies or businesses providing services to EU residents need to comply with this law. To the extent you collect EU residents’ personal data (including the collection, processing, storage or transmittal of such data), GDPR requires you to comply with its terms by May 25, 2018. If you are an EU resident, this law will apply to your personal data in your AppMachine account.
The rights of an EU resident under the GDPR, and how you can exercise those rights with respect to AppMachine, are:
AppMachine will provide the necessary mechanism to comply with requests from you, and support you in fulfilling GDPR requests from your customers.
AppMachine is committed to achieving compliance with the GDPR by May 25, 2018. This will include work “behind the scenes,” such as reviewing and updating (as necessary) our agreements, policies, internal processes, features and templates to assure our compliance.
There are two parties that have accountability for dealing with personal data, the “controller” and the “processor.” The “controller” defines the means and purpose of the use of personal data and the “processor” only acts on the behalf of what the “controller” has instructed and processes personal data for them.
Please understand that both you and AppMachine have obligations and requirements for GDPR compliance.
In certain circumstances, you are acting as the controller, for example, when you decide what information from your contacts or subscribers is uploaded or transferred into your AppMachine account. This means you will have some additional obligations around such things as data subject rights. We urge you to understand this and seek legal advice where you think necessary.
Our Terms of Service require you to lawfully obtain and process all personal data appropriately. You will need to continue to do this to be compliant with the GDPR.
If you, or your customers, have any additional questions, please do not hesitate to contact us at email@example.com