Prodsight is compliant with GDPR (General Data Protection Regulation). The GDPR is now the standard for consumer data protection rights.
If you are located in or do business in the European Union (EU), you need to follow new stricter customer data protection rules. Learn more about Prodsight’s compliance and how GDPR affects your organisation.
Starting 25 May, 2018, GDPR will replace the Data Protection Directive, which has been in effect across the European Union (EU) for the past 20 years. The goal of GDPR is the enforcement of a standardised data protection law for the entire EU.
Why GDPR is important
To ensure that the protection of personal data remains a fundamental right for EU citizens, GDPR’s aim is to modernise outdated privacy laws. GDPR has the potential to impact any business that collects data in or from Europe.
If organisations are not GDPR compliant, significant fines of up to €20,000,000 or 4% of global annual turnover, whichever is greater, may be levied on them.
Under the GDPR you have the right to see a full copy of any data we hold about you, and also the right to request that it is fully deleted from our system (although we may be required to keep some records to ensure that you are not contacted in future, or to comply with any legal obligations).
This is also true for the data you hold about your customers within Prodsight – you need to be able to adhere to GDPR requirements too and it is our job to help you do that.
We use a small selection of trusted 3rd-party data sub-processors to deliver our services.
|Sub-processor Name||Website||Data Location||Purpose|
|Amazon Web Services||https://aws.amazon.com/||EU||Computing and data storage|
|Google Cloud Platform||https://cloud.google.com/||EU||Computing and data storage|
|Intercom||https://www.intercom.com/||USA||Customer support, communications and analytics|
|Close.io||https://close.io/||USA||Customer relationship management|
|Xero||https://www.xero.com||USA||Billing record keeping|
Sign a DPA (Data Processing Agreement)
Prodsight makes it easy for our customers to show that they use Prodsight in a GDPR-compliant way. To make it convenient and easy, we provide a DPA (Data Processing Agreement), which is a self-serve and easy-to-execute document pre-signed by Prodsight. It only requires an electronic signature from the user.
Once the DPA is signed by both parties it will then become legally binding. You can provide the DPA to auditors to show that you use Prodsight in a way that demonstrates your data is being processed in a way that meets your GDPR compliance obligation.
Please contact us at firstname.lastname@example.org to request a DPA for signing.