The General Data Protection Regulation (GDPR) is the European Union's new data protection law that mandates how companies collect and process Personal Data of EU residents. The GDPR will take effect on May 25th, 2018.
Who is impacted by the GDPR?
The GDPR applies to you if you are based in the EU, or collect and process Personal Data of EU clients.
How is Personal Data defined under the GDPR?
Personal Data refers to any information relating to an identified or identifiable individual; an identifiable individual is one who can be identified directly or indirectly by name, address, as well as online identifiers such as IP addresses.
What has Pixieset done to prepare for the GDPR?
Pixieset believes strongly in security and transparency for any data that is provided and collected by us. We have reviewed our processes in collecting and processing of personal data to prepare for the GDPR. We have updated our Privacy Policy and Terms of Service to be more clear and to reflect the new standards introduced by GDPR. Where necessary, we have entered into contractual commitments with third party subprocessors who help us provide the services. We have also incorporated a Data Processing Addendum (DPA) into our Terms to help you fulfill your obligations as Controller of your client's data.
Where can I find your Data Processing Addendum (DPA)?
You can find our Data Processing Addendum (DPA) here. The DPA addresses how we process data of your clients on your behalf. If you qualify as a data controller, this DPA is automatically incorporated into our Terms to help you fulfill the contractual requirements under GDPR. You are not required to sign this document.
Looking for more information?
You can read more about GDPR at GDPR.eu, or the ICO. You can review our updated Privacy Policy, Cookies Policy, Data Processing Addendum, and Terms of Service.
If you have any questions, please contact our team at privacy@pixieset.com.