iVvy Making GDPR Compliance Easy
Posted on 3 April 2019 Tags: newsGeneral Data Protection Regulation out of Europe requires businesses to meet additional obligations for their data security and individual privacy. As part of these new laws, all businesses (whether they are from within the EU or not), will need to implement a range of enhanced protection procedures when dealing with individual data in the European Union. This will impact both the organisations like iVvy who are the “Data Processors”, as well as your company, the “Data Controller”.
- Cookie Usage Notification – you will have the option to turn on a notification that your website has cookies enabled, if you are using visitor tracking technology like Google Analytics.
- Contact Anonymisation – iVvy has a new feature that will allow you to anonymise private individual information of contacts that have registered for your events.
- Access – We have a new feature that will allow you to export an JSON file to display all the information you have stored on a contact within the iVvy platform that can be provided to an individual. iVvy also has a feature that allows individuals to see what information is stored on them with a link included at the bottom of all email campaigns sent to the individual. Additionally, the contact can unsubscribe from email and SMS campaigns using the unsubscribe feature.
- PCI Compliance – iVvy has achieved level 1 compliance with third party auditors, confirming we meet the strictest security requirements.
- ISO27001 Compliance – iVvy operates to the ISO27001 standards.
- Data Storage – Data is stored in the region of the account that it is opened. We currently have 3 data regions in the UK USA and Australia. Data is not shared between regions and never transferred outside the data centre by iVvy.