What is GDPR?
The GDPR is the primary law regulating how companies protect EU citizen's personal data, which went into effect on May 25, 2018.
- Gives individuals broader rights and control to their data
- Strengthens and standardizes user data privacy across the EU
- Requires new and additional obligations from all organizations that handle EU citizen's personal data, regardless of which country the organizations are registered.
At ToneDen, we've always taken privacy seriously for our users, and we have been working on changes over the past year to help every ToneDen user better understand and control their privacy and their data regardless of their location.
How will ToneDen be prepared for GDPR?
ToneDen provides a number of marketing tools that make it easy for creators, brands, and businesses of all kinds to reach, engage, and delight their audiences across social media. By nature, we've designed these tools to be consent-based, where users specifically give consent to enter and engage with campaigns: the data that they provide is only shared with the owner of that campaign. In more technical terms, ToneDen operates as a processor of data (Data Processor) on behalf of you, the customer, who inherently owns the data and decides what to do with it (Data Controller).
We've been slowly implementing a number of changes for our platform to be compliant, and more importantly, give your fans and customers the ability to understand and control the data they provide to you.
Here are upcoming changes that we've been rolling out:
- You can now contact us directly at firstname.lastname@example.org for any concerns, requests, or questions about privacy and data.
- We've appointed a Data Protection Officer
- We've built a Privacy Portal that provides information on what data we collect, how it's used, and how you can request any information around processing, transferring, or removing your data.
- We've added a list of our Vendors to be more transparent about what, with who, and how data is shared with third-parties.
- We've updated the opt-in experience for how people engaging with your campaigns can give explicit consent to subscribe to your contact lists
- We've added a new universal "Opt-Out" feature across all campaigns and in our Privacy portal for end users engaging with your campaigns to easily remove themselves from your contact lists.
Here are ways we have always been compliant for GDPR:
- Using trusted and certified compliant data-centers that are certified under EU-US Privacy Shield
- Encryption of data using TLS 1.2 in transit and at rest with AES-256
- A live chat and support center that handles any privacy and data requests in under 1 business day
- The ability to "be forgotten" with a one-click feature to permanently erase any information and data with your account on ToneDen
How will we be improving how ToneDen registered users control their data?
- We're rolling out a new settings interface that provides advanced options for seeing and exporting the data that you own on ToneDen, deleting specific sub-account data, and completely erasing all data that you have on the platform.
- We'll be rolling out 2FA authentication to better secure your account
- We're improving the importing and exporting interface to help you avoid handling any data that may not be in compliance
How will we be improving how consumers that engage with your campaigns can control their data and consent?
- We're redesigning our consent methods across all campaigns to clearly describe the intent of the actions a consumer may perform on a campaign
- We're adding a new privacy toolbar across campaigns that makes it easy for any consumer that engages with one of your campaigns to opt out or be forgotten with just one click
- We're improving our cookie consent banners across campaigns that employ any kind of cookie tracking to make it easy for consumers to understand and opt-out of being tracked
You can expect these changes to be available to all users before May 25th, 2018.
We'll continue to improve and invest in our platform to provide you with the tools and services that let you continue reaching the people that matter.