GDPR Compliance

The EU General Data Protection Regulation (GDPR) sets a new standard for how companies should handle the private information of EU citizens. At FollowUpThen, we consider the GDPR a welcome addition to privacy regulation. As stated in our privacy policies, we are solely in the business of making people more productive. We do not broker data or otherwise monetize your personal information. Because of this fact, the GDPR has not created significant changes in how we handle personal data, in our security protocols or how we store information. We have, however, made some positive improvements.

Here are some of the updates we have made in our efforts to become fully GDPR compliant.

Privacy Policy
Our privacy policy has been updated to even more clearly reflect what personal information we store, how long we store it and how we use it. We consider the privacy of your emails to be extremely important. This was reflected in our earlier privacy policies, and now it is even clearer.

Account Deletion
We improved our account deletion process to more thoroughly remove remnants of personal data. A “delete account” link is (and has been ) available on our settings page that will erase your information from ours and our vendors’ systems.

Data Export
You can now find an export link on your your general settings page. Click this gives you a portable CSV file of your followups that you can take anywhere you would like. (Note: This may take some time to export depending on how many followups you have, so please be patient!)

Signup Process
Our signup process has been improved to meet the GDPR requirements. Namely, more prominent checkboxes for accepting terms and conditions.

Data Processing Agreements
We updated data processing agreements with our vendors to ensure they handle your personal information with the same level of respect that we do. If you are using FollowUpThen to process EU customer data, we also have a DPA that is available upon request.

GDPR enforces a layer of transparency and best practices for for handling private data. It has sparked conversations and dialog with our customers and vendors about how we handle private data, allowing everyone to be more clearly on the same page. We welcome this transparency and are always striving to become better stewards of the information entrusted to us by our customers. If you have any questions about our data handling, suggestions or feedback, feel free to contact us.

In the coming months, we will be tracking how the GDPR will be enforced and any changes to the legislation. We expect there to be many lessons learned by regulators and data processors while accommodating and enforcing these regulations. We’ll this page updated, along with our privacy policy, where relevant, with any changes.

 

About The Author