Data Protection
The General Data Protection Regulation (GDPR) is a European privacy regulation which replaces the EU Data Protection Directive called Directive 95/46/EC. The GDPR aims to strengthen the security and protection of personal data in the EU and harmonize EU data protection law. The effective date for GDPR is May 25, 2018\. It provides data subjects with an array of privacy rights, which provide individuals with greater transparency into and control over uses of their personal information.
1. What is Closers doing for the GDPR?
We are big fans of GDPR here at Closers because we think it gives individuals important rights over their data. It helps us provide an even better level of trust with users regarding how their data is processed and stored over the internet. We also believe GDPR is the new global standard for data protection and we continuously work to maintain compliance with GDPR. Closers is committed to always operating in the best interests of our customers and this includes compliance with GDPR. We are constantly learning from external GDPR experts who specialize in compliance, gathering information, and making the needed investments as required by law. Furthermore, we are communicating with our customers around the world to answer their questions and to help them use Closers's services in compliance with GDPR.
2. GDPR Key Principles
Several major principles underpin many of the requirements found in the GDPR in regards controlling and processing the personal data:
Fairness and Transparency
Organizations must always process personal data lawfully, fairly, and in a transparent manner.
Purpose Limitation
Organizations can collect personal data only for specified, explicit, and legitimate purposes. They cannot further process personal data in a manner that’s incompatible with those purposes.
Data Minimization
Organizations can collect only personal data that’s adequate, relevant, and limited to what’s necessary for the intended purpose.
Accuracy
Personal data must be accurate and, where necessary, kept up to date.
Data Deletion
Personal data must be kept only for as long as it’s needed to fulfill the original purpose of collection.
Security
Organizations must use appropriate technical and organizational security measures to protect personal data against unauthorized processing and accidental disclosure, access, loss, destruction, or alteration.
Accountability
A data controller is responsible for implementing measures to ensure that the personal data it controls is handled in compliance with the principles of the GDPR.
3. Data Controller vs. Data Processor
In order to fully understand who is responsible for which personal data, you need to understand the difference between the data processor and the data controller.
Data processor
You are the data processor when you process personal data on behalf of a data controller.
Data controller
You are the data controller when you decide the "purposes" and "means" of any processing of personal data.
Closers as a Data Processor
Any places and people you reference or store in Closers are your data subjects, and you are considered the data controller for this personal data. Using the Closers app to discuss or communicate about your customers means that you have engaged Closers as a data processor to carry out certain processing activities on your behalf. According to Article 28 of the GDPR, the relationship between the controller and the processor needs to be made in writing (electronic form is acceptable under subsection (9) of the same Article). This is where ourUser AgreementandPrivacy Policyare relevant. These two documents also serve as your data processing contract, setting out the instructions that you are giving to Closers with regard to processing the personal data you control and establishing the rights and responsibilities of both parties. Closers will only process your client data based on your instructions as the data controller.
Closers as a Data Controller
Additionally, Closers acts as the data controller for the personal data we collect about you, the user of Closers services including website, web app, mobile apps. We process your personal data necessary for us to perform our contract with you (GDPR Article 6(1)(b)). We process your personal data to meet our obligations under the law (GDPR Article 6(1)(c)). This primarily involves financial data and information that we need to meet our accountability obligations under the GDPR. We process your personal data for our legitimate interests in line with GDPR Article 6(1)(f).
4. Individual Rights
The GDPR grants you a number of rights regarding how Closers handles your personal data.
Data Access
You have the right to confirm with Closers whether Closers is processing your personal data.
Right to Object
You can, in certain cases, object at any time to the processing of your personal data, in particular if the processing is for direct marketing purposes.
Data Rectification
You can send us a request to correct or complete personal data if the data is inaccurate or incomplete.
Restriction of Processing
You can request Closers to stop access to and modification of your personal data.
Data Portability
Closers will export your data for your points and highlights in CSV format so that you can transmit your own personal data to another company. In certain cases, you have the right to ask Closers to provide additional personal data, also in a structured, commonly used, and machine-readable format such as a CSV file.
Right to Erasure
This is also known as “the right to be forgotten.” This right empowers you to request that Closers delete or remove your personal data in situations such as when the data is no longer needed for the original purpose, when the data subject withdraws consent, or when the data subject objects to the processing and the controller has no overriding legitimate interest in the processing. Closers provides you this functionality in the profile settings section of the Closers application.
Contact
If you have any questions or feedback, or need to reach our Data Protection Officer, please reach out to our support team by email at[email protected]