Nothing matters more to us than the security of your data. We have you covered for the EU’s new General Data Protection Regulation (GDPR).
Protecting customer data is a top priority at Delighted. We understand you are trusting us with your data and we take the responsibility of securing it extremely seriously. Our Security page outlines all of our practices. Additionally, Delighted has a Data Protection Impact Assessment (DPIA) that documents our handing of all your data, including personal data.
Account admins can modify collected personal data to meet the correction requirement of the GDPR with a simple request to our Concierge team.
As an account admin, you can permanently delete individual people, responses, and respondent personal data should an individual request it.
Delighted protects all of our customers with an array of security features.
Effective May 25th 2018, GDPR tightens the rules for businesses on how they collect, store and process EU citizens’ personal data. The new regulations impact organizations worldwide who collect and process personal data of EU citizens. Some of the key changes likely to impact your customer feedback programs are listed below.
EU citizens will have the right to request that their personal data are rectified, and they can request restrictions on how their data are used. In addition, they may asked to “be forgotten,” requiring that all their personal data be permanently erased. Generally speaking, the GDPR explicitly states it must be as easy to withdraw your data as it was to consent to it in the first place.
A business must seek an individual’s unambiguous consent prior to collecting any personal data. How the personal data will be used must be clearly stated, and business contact details provided if more information is requested. Organizations may need to consider conditions for processing other than consent, such as in relation to a contract, or because of another legal obligation (such as employer-employee).
Data processors will need to implement a high level of security to safeguard the controller’s data, and to conduct a Data Protection Impact Assessment (DPIA) that documents how personal data will be safeguarded. Our Security page describes our key privacy-related processes and procedures.
Delighted enables customers to be GDPR compliant. Briefly stated, that means Delighted:
GDPR Article 28, Section 3, requires that a contract be in place between a data controller and a data processor. For years, the Delighted Terms of Service and Privacy Policy have provided the fundamental legal requirements and obligations regarding data ownership, processing behavior, safeguarding data, and more.
However, to provide added GDPR coverage and compliance, we’ve since updated our Terms of Service to include our DPA. These Terms of Service are agreed to upon creation of a Delighted account. If you have a Delighted account, you are already covered.
Don’t hesitate to contact us to find out more about our changes and how we’re helping you to comply.
