Call Now - 936-569-0447
BoatCloud's GDPR Compliance
Everything you need to know about BoatCloud's GDPR compliance
BoatCloud is committed to privacy, security, compliance and transparency. This approach includes supporting our customers’
compliance with EU data protection requirements, including those set out in the General Data Protection Regulation (“GDPR”),
which became enforceable on May 25, 2018.
What is GDPR?
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament,
the Council of the European Union and the European Commission intend to strengthen and unify data protection for all
individuals within the European Union (EU)
To Whom Does the GDPR Apply?
One way in which the personal data of an EU citizen could be collected when using BoatCloud is when you build a database of
contacts, their information, and business dealings with them (i.e. a CRM system). Not all customers will be "data subjects", as
data subjects are only individuals. Some customers may be businesses or government organizations, which the GDPR does not
apply to.
Is BoatCloud GDPR compliant?
Yes, everything is set for BoatCloud to be compliant with the GDPR as regulated in May 2018.
More GDPR FAQs:
How will you verify to customers that you are in compliance with the new regulation?
If you wish for formal verification, you can provide us with your Data Processing Agreement template, which we can return filled
and signed.
How is sensitive information stored, and do you have processes in place in the event of a data breach?
Sensitive information is stored securely, with limited access. We react to Data breaches immediately, by notifying affected
parties.
For how long do you store customer data?
We store customers' data only for the time of using our services or until they request to delete their data.
Where is your customer data physically stored?
Data of our EU customers are stored in a U.S. datacenter hosted by LiquidWeb.
Which of your teams will have access to customer personal information
We access customer's personal information only based on a request by the customer or with the customer's approval. In most
cases, it is the customer support team or our development team.
How does your organization handle instances when customers request their data be removed from your system(s)?
When a customer requests deletion of their data, we proceed with the deletion as requested.
What third party organizations do you work with that may also have access to the data we share with you?
No other parties have access to the data.
What new safeguards or processes have you implemented to meet the May 2018 regulations?
Most of the safeguards and processes have been in place before because we don't take privacy of our customers' data lightly.
We are implementing more guidelines on how to handle sensitive data, how to react to incidents and data breaches and more.
What processing operations are done by the Data Processor (BoatCloud)?
All actions necessary to provide adequate customer support and reliable service.
Who are the Data subjects?
Persons whose data have been shared with the customer or with BoatCloud.
How are cross border transfers handled, who is the data exporter and who is the data importer?
We do not do cross border transfers of data.
HTTPS Encryption
All BoatCloud hosted accounts run over a secure connection using the HTTPS protocol. Hyper Text Transfer Protocol Secure
(HTTPS) is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are
connected to. It means all communication between your browser and BoatCloud is encrypted, including your chat and email
communication.
Secure credential storage
We follow latest best practices to store and protect user login credentials and passwords in the cloud.
API Security
BoatCloud REST API is restricted to accredited users based on username and password or username and API tokens.
Features/functionality to assist you with GDPR compliance program
BoatCloud provides customers the option to delete Service Data that may contain personal data, such as profiles, tickets,
images, and attachments, in active BoatCloud accounts. Within BoatCloud, Administrators and Employees (collectively
described as “Users”) have profiles with hierarchical privileges.
Customer Profile Deletion
BoatCloud currently supports the deletion of profile information as described here. Admins can delete profiles of all Users and
Customers. BoatCloud retains Account Owner information in order to continue to provide its service. When an account is
terminated, BoatCloud follows its Data Deletion Policy for remaining profile information.
Additional Resources
BoatCloud Security Policy
BoatCloud Terms & Conditions