Cazoomi and the GDPR: Ensuring Subscribers’ Secure Data Protection

GDPR

Hi SyncApps integration subscribers, partners and fans.

Today, we’re going to take a look at something on the mind of all marketing and CRM users out there around a new law coming into place this May, the GDPR.

General Data Protection Regulation (GDPR) is the new regulation for a stronger data protection of EU citizens that replaces the outdated 1995 Directive. The enforcement of this new regulation begins on May 25, 2018, and everyone is required to comply if doing marketing to any EU entity or person, especially in focus are companies that process personal data of EU citizens.

Cazoomi is a Cloud Data Integration Software Company that collects, stores, and transfers customer’s data, and is now also a GDPR compliant company.

Since late 2017 Cazoomi has been proactive in taking the needed steps toward GDPR compliance to strengthen our subscribers’ personal data protection with a focus on the new regulation.

Why Protect Your Data?

1. Data Control
Cazoomi will be more in control of your personal information and ensure that it is handled and processed only by authorized users. According to the GDPR, we will only process data for authorized purposes, ensure every customer’s data are accurate and transparent, minimize subjects’ identity exposure, and implement data security measures.

2. Data Security
To increase security obligations, Cazoomi will conduct risk assessments and security measures to lessen possible risks. And to strengthen the security of your data, we will encrypt every customer’s data to avoid data breaches.

3. Right to Erasure
Also known as the right to be forgotten. This means that even after collecting your personal data, subscribers can always demand to completely erase their data from all repositories and databases.

4. Risk Mitigation and Due Diligence
Cazoomi must assess privacy and security of all customers, and will demonstrate steps to keep privacy secured. To mitigate risks, Cazoomi will conduct risk assessment, and implement measures to ensure security and demonstrate data control.

5. Breach Notification
When privacy and security are threatened and/or a data breach occurs, Cazoomi will notify customers within 8 hours and describe in detail the data breach’s repercussion and our solution.

How the GDPR impacts Data Processors like Cazoomi

Cazoomi, as a Data Processor under the GDPR, is obliged to directly inform and notify subscribers about data breaches as well as implementing organizational measures to ensure protection of customers’ personal data. Cazoomi has appointed a Data Protection Officer to help subscribers through the process.

To Data Processors like Cazoomi, Data Processing means collecting, transferring, and storing your data. It is anything that is done to or with an individual’s data.

In Data Processing, there are three important things to remember:

1. Transparency
Cazoomi will be transparent about your data. Transparency means demonstrating to our subscribers for which reasons we are processing which data. The purpose and reason for collecting, storing, transferring, and using an individual’s personal data needs to be made clear to the data subjects.

2. Liability for Data Management
The requirements under the GDPR stated that the processors act only upon instructions from the controllers, and processors need to take applicable measures to keep subscribers’ data secure. It is the Data Processors obligations to keep the data confidential to all employees and agencies.

3. Consent
Consent is the core principle of data protection law. It is one of the several legal grounds in processing personal data under the current Directive. Obtaining an individual’s consent prior to processing their personal data is the best way to prove legality. Consent must be clear, informed, specific, and it must be in writing.

At Cazoomi we have always placed our subscribers’ privacy above all else in the past 7+ years and will continue as we grow our subscribers, partners and fans into the future.

Speaking of super cool partners, if you’re up for a cool blog around GDPR by our billing platform, Cheddar, take a look here.