Blue Strawberry & General Data Protection Regulation (GDPR)
In 2016 the European Commission approved and adopted a new framework for European data protection law called the General Data Protection Regulation (GDPR). The GDPR requirements will become effective on May 25, 2018 and will affect all companies who process personal data of individuals in the EU.
Here at Blue Strawberry we embrace the changes being brought in by this new regulation and see it as an opportunity to further improve how we communicate with you, use and share your data and fundamentally, how we place your privacy, security and rights at the forefront of everything that we do.
As both a data controller and processor, we have taken measures to ensure our compliance with the General Data Protection Regulation (GDPR).
GDPR preparedness checklist
We have been working hard over the recent months to ensure compliance with the General Data Protection Regulation (GDPR). Below is a high-level overview of the key activities we have performed:
- Appoint a Data Protection Officer
- Assess our product and business to determine areas impacted by General Data Protection Regulation (GDPR)
- Conduct an internal audit to ensure that all third parties and suppliers used by Blue Strawberry are GDPR compliant
- Perform necessary changes to the platform (incl. easier to access communication preference controls, explicit acceptance of Terms and Privacy Policies on signup)
- Update our Terms & Conditions
- Create a dedicated page to document our General Data Protection Regulation (GDPR) activities and compliance
- Create a dedicated page to outline how we secure our customers data
- Communicate our compliance with our customers
Frequently Asked Questions
Does Blue Strawberry have a Data Processing Agreement (DPA) we can sign?
Where does Blue Strawberry store its data?
Blue Strawberry has two server infrastructures, one is hosted in the UK with Nimbus Hosting Ltd in the United Kingdom and the main software is hosted by Amazon Web Services (AWS) in the United States of America. You can read more about our Security provisions and overview by heading to our Security section.
Can you delete my data or answer any other questions about my data?
Please email us if you’d like to exercise your rights under General Data Protection Regulation (GDPR). You can request to have your data deleted as well as request further information on how your data is being used – amongst other things.
How is my data being used?
As per General Data Protection Regulation (GDPR), we are continually auditing the third-party services that we use, in order to ensure that we are only making use of services that add value to Blue Strawberry, the product and its customers.
If you have any further questions please don’t hesitate to get in touch by emailing us on email@example.com.