Home Products Downloads News Store Support Forums

Stan's Blog

Stan's Blog

Tips and tricks on how to use Maxprog products

Compatible with MS Windows Compatible with MacOS

 Share this page! 

What is the GDPR and why does it concern us?

Topics

The European Union (EU) introduced a landmark regulation called the General Data Protection Regulation (GDPR in short) on the 25th of May.

The goal of GDPR is to give EU residents drastic improvements to their privacy rights and control over their personal data, and to protect them from privacy breaches and leaks.

Every organisation that handles, markets or tracks the personal data of EU residents is concerned, even if they are not based in Europe. In the case of software companies which typically sell their products globally, this means that this new regulation will apply to everyone, no matter where they are based.

There are strong penalties in place for non-compliance: up to €20m or 4% of global annual turnover, whichever is higher.

Making sure we were compliant, and that the personal data of the customers buying our products was treated correctly, whilst continuing to provide a great customer experience has been an important focus for us over the past few months.

Here are the main concepts of the GDPR:

Personal data requires lawful processing. This means that you shouldn’t buy email lists where you don’t know how consent was acquired.

Customers should specify exactly what communications they want to receive. This means that the language explaining how we will contact you needs to be very clear and respect certain rules - leading to fewer unsubscribes and spam reports.

Customers will have a right to transparency around the collection and processing of their data. This means that you will be able to ask us for the data we store on you, and receive it in a simple format.

Customers can request the right to be forgotten. This means that if you ask us, we will remove all your personal data.

How We Handle Customer Data

We collect customer data during our checkout process for payment processing and order fulfilment purposes. These include name, location, contact details, and billing information.

The personal data provided to us is protected under the GDPR.

We have a legitimate interest to use customer provided data for product fulfilment, order processing, fraud prevention, and product support.

Legal Documentation

Our legal team is busy writing updated terms and conditions, along with helping us to update our customer facing privacy policy.

Data Transfer & Sharing

Rules for transferring data outside of the EU haven’t actually changed under GDPR, and whilst we process data outside of the EU, we do so in a way which is fully compliant with EU law.

We process and store data in the US using infrastructure and data solutions provided by Pair Networks. Pair Networks is certified under the EU-US Privacy Shield, and as such, the transfer and processing is compliant without the need for additional consent.

During our checkout process customer data is securely shared with our payment providers. These providers are both GDPR and PCI DSS compliant. Sharing is necessary to facilitate the payment process. In addition, anonymized data is also shared with a number of GDPR compliant fraud monitoring platforms.

Our platform implements industry best practices for data security, including encryption at rest and in transit, access control, and auditing. Keeping customer data private and secure is extremely important to us at Maxprog.

Cookies & Tracking

We use a small number of GDPR compliant tracking and monitoring platforms. These services use a combination of temporary and long lived cookies to be able to identify unique user journeys. These services are used internally only for platform diagnostics and product improvements.

The data collected is not shared with any outside parties, nor is used for any activities which would require further GDPR compliance or an opt-out. They are necessary to ensure the reliable operation of our platform.

› More information on GDPR here: https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
› Maxprog GDPR Privacy Policy: https://www.maxprog.com/site/misc/privacy_us.php

This post is based on Paddle GDPR post.


Stan Busk - Software Engineer
at www.maxprog.com



Did you like this post? Share it!


 !  IMPORTANT NOTICE: Our office will be closed for holidays from June 6th, 2018 until July 10th, 2018 inclusive, our support may be limited so please expect a delayed response during that period. More information here. Thank you for your patience and understanding.

   

Home Products Downloads News Store Support Forums