How we are preparing in response to the GDPR
We value our customers' and their customers' rights to privacy. In compliance with the GDPR,
we are preparing the following new features and services.
- Appoint a Data Protection Officer
- Obfuscation of end-user IP information collected and deleted
What happens if we don't comply with the GDPR?
In the event of a serious breach, you can be subject to administrative fines up to €20 Million,
or in the case of an undertaking, up to 4% of the total worldwide annual turnover of the preceding financial year (whichever is larger).
In the event of a general offense, you can be subject to administrative fines up to €10 Million, or in the case of an undertaking, up to 2% of the total
worldwide annual turnover of the preceding financial year (whichever is larger). In addition, the authority to determine whether penalties are imposed,
and to what extent, is given to Member State supervisory bodies.
Do we need to appoint a DPO?
A Data Protection Officer must be appointed in the case of: (a) public authorities, (b) entities that engage in large scale systematic monitoring,
or (c) entities that engage in large scale processing of sensitive personal data.
If you don’t fall into one of these categories, then you do not need to appoint a Data Protection Officer.
What do Beusable/Beusably customers need to do as a Data Controller?
When using Beusable/Beusably, the following obligations apply to data controllers who handle personal information of users in the European Union (EU).
Since Beusable/Beusably collects and stores cookies and IP information, you must obtain legitimate consent from the end user for this use.
- Must have a signed record from the end user.
- Must provide clear instructions to the end user about withdrawing consent.
- Must provide end users with easily accessible information about their personal data.
*What is a controller?
'Controller' means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Do we need to sign a Data Processing Agreement with Beusable/Beusably?
If you are an entity based in the EU, or collect data from data subjects in the EU, you should sign a Data Processing Agreement with Beusable/Beusably.
Currently we are working on a specific Data Processing Agreement intended to cover all terms as required under the GDPR.