GDPR. Those 4 dreaded letters. The General Data Protection Regulation has instilled a certain amount of frenzy in the past few months. It is a new EU regulation introduced to harmonize data privacy laws across Europe to protect and empower EU citizens. But it needn’t be as scary or stressful as the media make it out to be (who would’ve guessed?). Admittedly, it was about time to update online data protection regulations, the previous one having been put in place a whopping 23 years ago. A time before Google (just), Facebook and Amazon.
The GDPR is being put into place to regulate the collection, storage, transfer and usage of personal data. For people, this is great news. For companies, this may mean a lot of paperwork but also an opportunity for companies to shine light on how they process personal information. Accordingly, these types of companies are coined controllers or processors, depending on what they do with the information. The controller determines the purpose and means of processing the personal data. Processors basically process personal data on behalf of the controller.
Naturally, due to the industry Channable is involved in, Channable is a processor as it processes a certain amount of personal data e.g. names, email addresses, and, if you use the order connection feature, order shipping information. Channable has received many inquiries into the actions that are being taken in preparation for GDPR. So to be more efficient, this post will cover how Channable is affected by GDPR and what you need to do.
The other personal data Channable processes is related to our order connection feature. As a processor, Channable doesn’t interpret or use the personal data that is received from order connections. However, as many of Channable’s clients are sub-processors/controllers and have inquired about documentation, Channable has created its own Data Processing Amendment (DPA) to save you time and effort.
To see whether you will need to read and sign the agreement Channable has made, just follow the flowchart below.
Depending on where you ended in the flowchart you will either have to do:
2) and read and sign the DPA
The new documents can be found in the tool under Company settings > Legal & compliance.
- If you use Channable, Channable may ask or gather personally identifiable information from you (e.g. email address, phone number, address) in order to contact, identify and invoice you
- Channable may also collect information that your browser sends (e.g. IP address, browser type, browser version, the pages in our tool that you visit, the date of your visit) in order to improve the Channable tool or its website
- Channable will never sell or trade any personal information to third parties
- Channable will do everything in its power to protect and secure your personal information
Some ways your data may be used:
- To deal with inquiries you send to Channable
- To create and administer records of how you use Channable
- To provide you with information and access to resources that you request from Channable
- To provide you with technical support
- To improve Channable’s website
- To improve Channable’s customer service
- To send you more information about the company and new possibilities within the tool (via newsletters that you opted in to receive)
The Data Processing Amendment
For customers who benefit from our order connection feature, the DPA will be found in the tool, awaiting your approval. The document explains what Channable does with all the personal data that is retrieved from the order connections.
In short the DPA document states:
- Channable uses 2 kinds of different “personal information”: 1) information for delivering technical support and 2) information of clients’ customers in the form of order information
- Channable processes the personal data from order connections to provide you with order synchronization and with technical support if you seek it
- Channable will not accept sensitive data (data that can be used to uniquely identify someone) for processing
- Channable allows you to delete personal data at any given time on request whilst you’re a paying client of Channable
- If you decide to stop using Channable and notify us of this termination, Channable will destroy or return any of your customer data that is in its possession if requested. Any deleted data will be properly deleted 30 days after the subscription has ended.
- The security measures Channable currently has in place to protect your data are: the pseudonymization and/or encryption of personal data, the ability to ensure ongoing confidentiality, integrity, availability and resilience of data processing systems and services, and regularly testing and evaluating whether these measures are effective
- The staff at Channable that work with personal data comply with Channable’s security measures
- If a data incident occurs, it will be immediately communicated to you via email
- If you would like to request an audit to verify our compliance with GDPR you are welcome to but you are responsible for any costs and you can only request it once in 12 months.
- Within Channable, you are able to access customer data, correct any inaccurate customer data, restrict the processing of it and export or delete it
- You authorize us to use sub-processors (though they’re only allowed to access and use customer data to the extent that they’re contracted to). A list of our sub-processors can be found in the document as they are subject to change.
Hopefully now you’ll be able to rest easy knowing that Channable has always prioritized data protection and privacy. Everybody at Channable tries their utmost best to deliver a service that you can trust in. If you’re not yet a customer of ours, feel free to create a free trial account or chat to one of our support members to find out more about how Channable can make selling online a piece of (safe) cake.