If you work in the European market, you must have heard by now about GDPR (General Data Protection Regulation), the new bill on data protection becoming effective on May 25, 2018.
At MyOwnConference, we have got ready for the new requirements and hope you have done so, too. If not, it’s not worth putting this off, as the fines advertised are quite impressive. Moreover, adherence to these requirements will make your service even better.
Of course, it is close to impossible to make your website and business meet all requirements within just one day (the requirements contain about 100 pages of small-print text). Nevertheless, it is worth understanding that this is important for running a business, even if you’ve got only one client from the EU.
Changes at MyOwnConference
We have paid special attention to personal data protection by using only trustworthy data centers and payment systems. When developing our software, we adhere to strict requirements, so the new regulations were nothing new to us.
We use only Tier III data centers. This allows us to ensure the maximum possible security of personal data stored on the rented servers. Additionally, we use end-to-end SSL encryption, which means the data transferred inside the data centers go exclusively via SSL tunnels. Consequently, all user data both inside and outside the system are protected using 2048-bit and 4096-bit SSL certificates. All user data are transferred exclusively via protected channels.
We have reviewed and updated our User Agreement, Security Policy and other documents so that our clients know what data we gather and the aims we pursue when gathering them, as well as how long the data are stored, how well they are protected and how they can be deleted.
Our team holds regular training, instructs our personnel, and checks all our systems to be 100% confident in the security of our service.
We have added two-step authentication for your accounts and improved automatic data deletion.
With our platform’s help, it is easy to manage subscribers’ data: you can add, delete or change the data, or export them in the necessary format. You can find the subscriber in question by using the search functionality. Emails include buttons for confirmation and unsubscribing.
We constantly monitor and enhance the security of your personal data.
What this means to our clients
Our recommendations are intended for information purposes only and are not an alternative to legal consultations. MyOwnConference shall not be held liable for the precision, completeness or applicability of these pieces of advice for any purpose.
The changes in personal data protection on websites and services that have implemented GDPR will positively affect users. All the websites’ “policies” shall be written in comprehensible language. If you have submitted your email for registration confirmation, you can be sure you will not receive advertising as a bonus unless you have explicitly allowed it. No personal data can be transferred to anyone without your explicit permission.
You have the right to amend or delete your data from the service platform, obtain information about the aims and ways of data processing and much more.
Who shall take measures regarding GDPR
If at least one of the following applies to your company, you need to consider the GDPR requirements.
- You work with EU clients, offer them services or goods, or collect, store or use their data. If your website is localized into one of the EU languages or the prices listed there are in currencies used in the EU, it means you address EU citizens with your offer.
- You are located within the EU territory.
- Remember that when you collect data from EU-based attendees of your webinars (first name, last name, email or Skype ID, sphere of activity, etc.), you fall within the scope of GDPR, even if these data are stored on the webinar platform.
But do not get scared. You will need to reconsider the way you store and use information from your attendees and clients.
What to check?
- You should always request permission for personal data processing. Special checkboxes and notices under buttons or directly on them are examples of how to arrange this.
- First of all, review your landing pages and email campaigns, gather only the data you really need, and inform your attendees about the purposes for which you will use those data. For instance, that could be reminders about an upcoming webinar. If you would like to send direct emails, you should also mention this and request the user’s confirmation.
- Check whether you can confirm that emails are sent only to users who have confirmed their subscription.
- Check whether webinar attendees or subscribers are able to delete their personal data and unsubscribe from emails.
- Check whether subscribers’ personal data are used only for the purposes they permitted.
- Check that information about you and your contact information is available.
- Check your security policy, particularly: how long you store the data, how they can be amended or deleted, or how you use them.
- Delete the data as soon as you no longer need them for providing services or after a request has been received from the owner of these data.
If you have any questions regarding your data or our Security Policy, feel free to contact our Online Support or send us an email at firstname.lastname@example.org