The GDPR is a new EU privacy law that that comes into effect May 25, 2018. The intention of the GDPR is to harmonize and strengthen data privacy laws across Europe and provide individuals in the EU with expanded privacy rights while increasing the obligations of organizations that collect and process personal data.
Who does it apply to?
The GDPR is far reaching applying to any organization - even non-EU based organizations - that offer goods or services in the EU or that monitor the behavior of individuals in the EU.
Therefore, if you market your products in the EU or monitor the behaviors of any individuals in the EU you will be subject to the GDPR.
What does the GDPR mean for your business?
The GDPR imposes a wide range of obligations on both data controllers and data processors that process personal data. These obligations start with establishing a lawful basis for collection of personal data and continue with the need to assess risks, document data processing practices and securing data.
Companies will need to work with their legal team to ensure compliance with the GDPR. Clicktale is here to help its customers with their compliance needs.
The GDPR applies to personal data where personal data has been defined very broadly including online identifiers such as IP address and cookie identifiers. This means that even if you don’t collect information that is clearly personal data such as person’s name or address you may still be subject to the GDPR. Organizations must take steps to understand what data they are collecting as well as how that data is being accesses, stored and used to ensure compliance with the GDPR.
When using Clicktale, as a data controller you will have certain responsibilities under the GDPR. Such responsibilities include being transparent with your users and providing them appropriate notice of your privacy practices. You will need to work with your legal teams to determine the legal basis under which you are collecting and using personal data – which may include, where necessary obtaining consent. You will also need to have procedures in place to comply with the expanded individual rights provided under the GDPR including the right to object to processing, to be deleted, to have data exported and the right to access data. Clicktale will support you in your obligations to comply with any such individual rights requests.
Clicktale in its capacity as a Data Processor for its customers acts on behalf of the customers and will process personal data only in accordance with customer instructions as defined in the agreement between Clicktale and customer. Clicktale is committed to maintaining a high level of security over the data and having appropriate processes in place to ensure compliance with notification requirements under the GDPR as well as with customer requests in connection with any individual rights requests. You may contact firstname.lastname@example.org at any time with any questions or requests.
Clicktale provides various tools to enable its customers to block information from being collected through the Clicktale service. Clicktale also implements, by default, certain safeguards to ensure certain data is not collected. By way of example, by default Clicktale does not collect the value of any keystrokes typed by a visitor on your website. Furthermore, Clicktale will block all other information within your page that you identify as personal information using Clicktale’s tools. Clicktale does however utilize a cookie identifier to provide the service and does initially obtain an IP address (although it does not save the IP address and immediately anonymizes the IP for the short duration that it does have it). More information is available here: https://www.clicktale.com/company/security-overview/
Yes. Clicktale has a specific Data Processing Agreement intended to cover all terms as required under the GDPR. If you do not already have an updated Data Processing Agreement in place with Clicktale we urge you to sign the Data Processing Agreement provided on this Website and return it to email@example.com
Even with the above, please be assured that Clicktale continues to assess the requirements under the GDPR and to follow any developments in the industry with respect to the GDPR and will respond accordingly to ensure it provides the necessary solutions to maintain compliance with the GDPR.