General Data Protection Regulation
The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union. For EUR residents, the regulation aims to increase their control over their personal data. For businesses, the GDPR becomes a unifying regulation across the EU. Once the GDPR takes effect on the 25th of May, it will replace the 1995 Data Protection Directive.
Who is Affected
The GDPR regulation applies to any EU residents' data, regardless of where the processor or controller is located. This means that if you’re using LeadGibbon from a non-EU location to reach out to other non-EU corporations, the regulation does not affect you. But if any of your customers or contacts are located in the EU, you will need to comply with the GDPR.
The team at LeadGibbon is fully committed to complying with the requirements of the GDPR. Our policy experts have closely analyzed the requirements of the GDPR and continue to monitor new guidance on best practices for implementing the requirements of the GDPR. We have taken these new requirements seriously, and have made the required changes to our products and policies to ensure that we are fully in compliance with the GDPR before May 25, 2018.
Our Approach to Compliance
Our Product and Operations team has implemented the necessary security protocols ensure that our user's data is secure. Data is pseudonymized, and encrypted where applicable. We're implementing automated safeguards at the application and infrastructure level as a proactive means of keeping user data safe and ensuring compliance.
In addition we stand ready to support customer requests regarding an EU citizen's rights to:
- Be forgotten: You can terminate your LeadGibbon account at any time; we will delete all non-accounting related personal data on your account.
- Rectification: You have the right to request an update to your LeadGibbon account information at any time in order to correct or complete your personal data.
- Portability: You can request to receive your personal data in a structured, commonly used and machine-readable format so it can be transferred to a third party at any time.
Worldwide Product Compliance
Many of our customers operate in multiple jurisdictions around the world. To ensure a consistent user experience, LeadGibbon has adopted the GDPR requirements to our entire platform and supports it worldwide. We believe that use of uniform rules and program logic will enhance all LeadGibbon customers’ ability to comply with the GDPR requirements.
Personal data will be retained by LeadGibbon in such a way that you can be identified only as long as is necessary for LeadGibbon’s processing activities (“Processing Date”). LeadGibbon will adopt the same retention policy for all users and contacts regardless of their place of residence, which will follow the reasonable mandatory retention period, which is 7 years as from the Processing Date
Please note that we may retain the personal data we collect for as long as needed to provide our Services and to comply with our legal obligations, resolve disputes and enforce our agreements.
If you wish to remove data captured through the use of our Services and stored in your Google Account, you can do so by deleting this data from your Google Account. For more information on G Suite and Google Cloud Platform commitments to the GDPR, visit the following link.
Please note that in some cases, you may encounter your personal data again after your request for removal. In this case your personal data was collected from publicly available information on the world wide web, contributed by partners or through other means that do not include access to your device. Our recommendation is to periodically check that your accounts include only the personal data you choose to have displayed.