Compliance with GDPR is a mandatory exercise in all organizations, which is aimed at protecting EU Citizens’ personal data and increasing the transparency of the ways in which data is used. This is applicable to any business across the world that holds/processes data of EU citizens.
In this context, our product and marketing teams at Easygenerator are making an effort to ensure that the authoring tool and the website are GDPR compliant. This page intends to give you GDPR-related product updates between now and May 25th.
What are we doing?
Easygenerator is currently implementing its company-wide GDPR compliance strategy ahead of the May 2018 due date. Below are a few examples of initiatives we have committed to in order to satisfy GDPR requirements that apply to both Easygenerator and our customers:
Data Processing Agreements
- We are documenting all the customer details that surface all along the user journey of our product and website. We are maintaining a record of what personal data we hold, where it came from and how we store them.
- We are updating our Privacy, Security and Usage Terms & conditions with data protection agreements. We clearly specify the consent, retention and purpose of data (why we want the data and what we’re going to do with it).
- Where we are storing and transferring personal data, we are committing to implement right encrypted transmission mechanism to safeguard the user information.
- When processing personal data regulated under GDPR, we commit to follow any additional security and privacy measures required under GDPR.
- We are updating the product (sign up, features etc) and also the website (newsletters, cookies etc) to clearly communicate the explicit consent and opt-out options.
- We are documenting the procedures to handle data requests from our users and also adding new features to allow them to delete their personal details from the product.
3rd party vendors
- We are holding 3rd party vendors (that handle personal data) to required data management, security, and privacy practices and standards. We will name any organization that relies on the consent you provide us in the product. For example, payment providers, feature integrations etc.
- We are ensuring that Easygenerator’s employees have been trained in handling that data and are bound to maintain the confidentiality and security of that data.
- We implement right procedures to detect and report any data breaches. Our framework regularly monitors the access and attempts on our servers.
- We will notifying regulators, customers, and users of breaches, promptly as required by the GDPR.