Blue Strawberry and the General Data Protection Regulation (GDPR)
In 2016 the European Commission approved and adopted a new framework for European data protection law called the General Data Protection Regulation (GDPR). The GDPR requirements will become effective on May 25, 2018 and will affect all companies who process personal data of individuals in the EU.
Here at Blue Strawberry we embrace the changes being brought in by this new regulation and see it as an opportunity to further improve how we communicate with you, use and share your data and fundamentally, how we place your privacy, security and rights at the forefront of everything that we do.
As both a data controller and processor, we have taken measures to ensure our compliance with the GDPR.
GDPR preparedness checklist
We have been working hard over the recent months to ensure compliance with the GDPR. Below is a high-level overview of the key activities we have performed:
- Appoint a Data Protection Officer
- Assess our product and business to determine areas impacted by GDPR
- Conduct an internal audit to ensure that all third parties and suppliers used by Blue Strawberry are GDPR compliant
- Perform necessary changes to the platform (incl. easier to access communication preference controls, explicit acceptance of Terms and Privacy Policies on signup)
- Update our Privacy Policy
- Update our Terms & Conditions
- Create a dedicated page to document our GDPR activities and compliance
- Create a dedicated page to outline how we secure our customers data
- Communicate our compliance with our customers
Frequently Asked Questions
Does Blue Strawberry have a Data Processing Agreement (DPA) we can sign?
As a Data Processor, our updated Terms & Conditions include the necessary data processing clauses. When we are acting as a Data Controller, the terms of our Privacy Policy will govern. If you specifically require a signed copy of our Terms & Conditions, then please contact customer.relations@bluestrawberry.ai and we will send you a copy to sign.
