What is GDPR?
The General Data Protection Regulation (GDPR) is effective May 25, 2018, and is one of the most important changes to data privacy in decades. The new regulations expand controls European Union (EU) Data Subjects (the people who use your app, website or other service) have over their personal data and holds companies much more accountable for managing consumer personal data.
GDPR expands the regulatory environment for international business by enhancing obligations on organizations handling data. Even if you do not have a presence in the European Union, collecting personal data or behavioral information from EU Data Subjects makes your company subject to the requirements of the GDPR. No matter what size your company is, your organization could face heavy fines for failing to comply.
How Apptentive Helps
When the Apptentive SDK is deployed within a digital property, Apptentive acts as the Data Processor and our customer is the Data Controller of consumer data.
Apptentive is committed to consumer privacy and:
- our Customer Success team will work directly with our customers (the Data Controller) to assist them in meeting their GDPR obligations.
- will ensure our products continue to support GDPR compliance and strong privacy controls.
- can assist the Data Controller in demonstrating compliance to all of its stakeholders.
- helps the Data Controller respond to requests that data subject makes regarding their rights to be informed, access data, rectify data, and erasure.
GDPR aligns with what has long been Apptentive’s product strategy: enabling companies to love their customers. Our Customer Success team guides our customers to think about engaging people at the right time, in the right place, in the right way, and to be thoughtful about what is right experience for the consumer. This includes being transparent about how personal data is being used. For us, “Customer Love” includes respect for consumer privacy and trust and making it a priority to protect consumer data.
Apptentive is certified for the EU-US Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. The Privacy Shield Framework was created by the US Department of Commerce, the European Commission, and the Swiss Administration as a valid legal mechanism for companies to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States. You may view Apptentive’s Privacy Shield certification at https://www.privacyshield.gov/participant?id=a2zt00000008PSNAA2&status=Active.
Data Processing Agreement
When Apptentive customers process EU personal data using the Apptentive platform, they must first sign our Data Processing Agreement (DPA). Apptentive typically includes a prepared DPA in our contract documentation and encourages our customers to make use of it as it most accurately describes specifics within our product.
If you are a current Apptentive customer who has not signed our DPA, please contact your Customer Success Manager.