May 25th this year, the new General Data Protection Regulation (GDPR) will be in effect.
The GDPR is an EU regulation that will focus on strengthening and unifying the data protection laws for everyone who lives in the EU. In Sleeknote data protection has always been one of our top concerns and thus welcomes the regulation.
In Sleeknote we have been working for the last 6 months on planning and executing plans, to make sure we are 100% GDPR compliant.
Before we continue, here are a few definitions you need to know when reading ahead and to understand GDPR
Processor:This is us, Sleeknote, we process the data for you the controller
Controller:This is you, the Sleeknote user, who controls the data for the data subject
Data Subject:The visitor on your website who data is gathered about
During the next months, you will see various changes or additions to both our Terms and agreement and to our products. You will also have to take some actions. You will find everything you need below.
To make it easier for you to see exactly what data you have collected in your SleekBoxes or SleekBars about individual people we will add the ability to
We will start to automatically delete data collected through SleekBoxes or SleekBars older than 3 months. This will be in effect from 1st of June and forward and means that the first time we actually delete data is the 1st of September.
In short, the 1st of September you will only be able to download a CSV with emails going 3 months back to 1st of June.
Analytics data, will keep going back to the first day you started using Sleeknote.
All your data, including analytics data will be completely deleted on your request.
If you are in the European Union you want to sign a DPA with Sleeknote. The DPA will reflect our agreement that will govern the processing of personal data.
In other words, it’s an agreement that we, Sleeknote, can process personal data on your behalf, and what that ensues.
The DPA is an addition or amendment to the Terms and Agreement.
The DPA can for many people be hard to understand (it’s written by lawyers) so we have tried to translate it to a more humanly readable language, on this page.
To be compliant with the GDPR, your terms and agreement must reflect that you are collecting personal data.You can also decide here to inform what data you are collecting with Sleeknote (or other similar tools)
Read more about data you can collect with Sleeknote here: data
A big part of the GDPR is to make sure you have a legal basis for collecting personal data.There are 6 legal reasons, but we recommend using either the first or the last.The first is consent. Consent means that the visitor is agreeing to you collecting the data, that means that all SleekBoxes and SleekBars should have a checkbox where the visitor can agree to you collecting and storing the data.Remember to inform that you are using Sleeknote and your Email Marketing Service as the data processor.
For analytics data, you can decide to either user consent or legitimate reasonsIf you decide to use consent, all visitors on your site must be informed and agree to you gathering data, (just like a cookie bar)If you decide to use legitimate reasons, you have to inform in your terms and agreement that you are gathering the analytics data, and what you are using it for.
These reasons could be: