Data Privacy & GDPR
We take your privacy very seriously and have adopted the Privacy by Design principles that underpin GDPR. We’ve done this, not just to comply with GDPR, but because it is good business practice. What’s great about GDPR is that it has given clear guidelines on what is required.
Want to know more about GDPR and the benefits? Read this blog post.
3 areas where we are addressing GDPR internally
Updated GDPR-compliant processes
We’ve implemented internal processes that support the specific GDPR requirements, but also updated other customer facing processes. We’ve used the free examples in Elements.cloud because we use it internally #drinkingourownchampagne.
Built Data Inventory with categorized fields
We use a number of apps to run our business with the Salesforce platform as the core app for our customer data. We’ve used Elements.cloud to build Ref Models for each app to categorize all the fields where we hold Personal Data. It’s a Pro feature in Elements.cloud but totally worth it.
Vendor evaluation of our app providers
We are only as good as our weakest link (app), so we have audited the suppliers of the apps we use to understand how they help us comply. For some it has been an uphill struggle and we have decided to stop using them.
Manage your Data Privacy
We probably hold your data in a number our systems if you registered to use Elements.cloud, have attended one of our webinars, talked to us at an event or downloaded any content on our website.
Under GDPR you are able to make different requests which must get a response within 30 days.
- Subject Matter Access (Articles 15 & 19): to tell you where we hold your data
- Right to Rectification (Articles 16 & 19): you need us to correct inaccurate personal data
- Erasure “right to be forgotten” (Articles 17 & 19): you want us to delete all the personal data we hold, provided we are not prevented by law
- Right of Restriction of Processing (Articles 18 & 19): this is to stop us using your personal data if we are prevented from deleting it
- Right to Receive Personal Data (Articles 19 & 20): you want to receive your data in a “structured, commonly used and machine-readable format” to pass to another company
- Right to Object (Articles 19 & 21): you object to us using your personal data for direct marketing, so essentially this is “unsubscribe”
Use the form below to make your request