The EU General Data Protection Regulation (GDPR) will set a new standard for how companies use and protect EU citizens' data. It will take effect from May 2018.
At Hey Oliver, we've been working hard to prepare for GDPR, to ensure that we fulfil its obligations and maintain our transparency about customer messaging and how we use data.
We've been asking lots of questions, and our customers have been asking us questions.
Here's an overview of GDPR, and how we are preparing for it at Hey Oliver:
The EU General Data Protection Regulation ("GDPR") is a new comprehensive data protection law that comes into effect on May 25, 2018. It will replace existing EU Data Protection law to strengthen the protection of "personal data" and the rights of the individual. It will be a single set of rules which govern the processing and monitoring of EU data.
Does it affect me?
Yes, most likely. If you hold or process the data of an any person in the EU, the GDPR will apply to you, whether you're based in the EU or not.
How is Hey Oliver preparing for GDPR?
Our teams have been working to define our GDPR roadmap. This is a massive overhaul of processes and data models to make sure we're meeting our legal obligations, and doing the best thing for our customers while still letting us move fast, scale and build great products.
Here are the main things we did to ensure we're setting up ourselves and our customers up to meet GDPR obligations:
We've built new features
Our teams are building the necessary features that will enable our customers to easily meet their GDPR obligations.
Hey Oliver can help you meet your data portability requirements for GDPR, you can easily export data linked to an individual and permanently delete all data linked to an individual user.
We've appointed a Data Protection Officer
We're coordinating with our vendors
We're reviewing all our vendors, finding out about their GDPR plans.
We're taking new security measures
Security is a priority for us. We have regular external audits, pentests and bug bounties. We've built a robust security framework over the past couple of years and reviewing our internal access design to ensure the right people have access to the right level of customer data.
Feel free to reach out to us if you have any questions about GDPR - we'd be happy to talk to you about it.