What is GDPR and How it Affects You?
General Data Protection Regulation (GDPR) is a set of laws aimed at enhancing the protection of EU citizens’ personal data and increasing the obligations of organizations to deal with that data in transparent and secure ways.
As Trujay works with customers from all over the world, including EU citizens, we are compliant with GDPR regulations.
Your core rights as an EU citizen according to the GDPR in terms of Trujay service:
- You have a right to know what kind of your data is collected by Trujay
- You have a right to know why this data is collected from you
- You have a right to agree or disagree with the data collection during the very first interaction with our website/service
- You have a right to change/delete your personal data you’ve provided Trujay
- You have a right to know how Trujay secures your personal data
- You have a right to disagree with the collection of certain personal data
- You have a right to know how you can change/delete/disagree to the collection of your data
What does Trujay do to prepare for GDPR compliance?
Much of the GDPR when it comes into effect in May 2018 builds on the existing EU data protection framework which we are already well placed.
- Trujay informs the clients about the data we collect and what methods can be used to this point.
- We tell the users how to avoid above-mentioned tracking and do not share us their Private information.
- The Trujay team uses a Security Policy to help ensure the client’s data is secure.
- Trujay enables its clients to disallow the Personal data process for marketing purposes at any time by contacting us.
- We will delete our user’s Personal data after getting the email at firstname.lastname@example.org, email@example.com or receiving chat notification.
- Trujay consumers can send us a request to see the collected data.
What kind of your data Trujay collect?
To ease the customer journey using our service, we collect some of your personal information. Complying with GDPR regulations, we make sure that our customers are informed about all aspects of data collecting.
- web request (e.g. date, time, etc.)
- IP address
- browser type
- browser language
- one or more cookies identifying your browser
The small bits of text in data files are named Cookies. They can be downloaded to your browser (on your computer or gadget) when you surf websites.
Their primary purpose is to collect bits of useful information about your interaction with the website. As well, it can help remember your setup, understand preferences, ease the further logging into a service and make it secure.
For those reasons, Cookies are widely used by separate websites and online service providers to make them work efficiently and get reporting information.
To the word, Cookies do not identify the person and are not software programs. So, they cannot install themselves or any other application on your computer/gadget.
Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.
Other tracking technologies: We may use other technologies from time to time, like Inspectlet, HubSpot CRM, etc. These are tiny graphics files that contain a unique identifier that enable us to recognize when someone has visited our Websites and what he/she doing there. Or, in the case of web beacons, opened an email that we have sent them.
How do we make sure that your data is 100% protected?
As we are working with personal data (which we collect via our website/service) and your CRM system data, we’ve developed the row of measures to ensure your data protection:
- network firewalls
- DDoS preventions (We use the latest hardware appliances and sophisticated perimeter security technologies, providing you with first-rate protection against large-scale DDoS attacks.)
- network posture assessment
Our service provides you with HTTPS-encrypted communication, role-based authorization, and validation of all requests to ensure the security on the application level.
More info on all of the mentioned-above points, you will find here:
Why we collect your personal data?
Due to the specifics of our services, we must/should collect your personal data for:
- Improving your customer journey on our website (web request, IP address, browser type, browser language, one or more cookies identifying your browser)
- Successful proceeding with the CRM data migration (you have to specify the details of your source and target CRM systems. Namely: source and target CMS type, both CRM URL addresses, your logins, and passwords.)
- Sending you the important info on your migration - estimates, results of the Sample migration, and other.
- Contacting you to clarify your requirements via e-mail address
What is Trujay data deletion and retention policy, and associated timescale?
Every service user/website visitor can demand Trujay to delete the Private data by sending a request mail to firstname.lastname@example.org, email@example.com or starting an online chat.
Please, note. The deleted data can not be restored. So, if the contact is removed, all his Personal data (name, email, password, phone number and info from Cookies) will be deleted as well as CRM access and migration results.
In short: the CRM details are saved for 30 days and will be deleted after this particular period of time. Please, inform us if you want the CRM information to be removed earlier.
How is my data protected from accidental destruction?
We take security very seriously and have developed a comprehensive set of practices, technologies, and policies to help ensure your data is secure. Security is essential in working with customers’ information, Trujay team builds the service on the effective and security-focused practices.
Trujay holds the following security points:
- Physical Security Layer
- Network Security Layer
- Application Security Layer
- Security Audits
For more information, go to Trujay Security Policy and Enhanced Security.
List of Sub-processors
Amazon Web Services
Hosting services, file storage, and backup services
Germany, United States
Internal company infrastructure
Website analytics and performance
Customer relations management
Atlassian inc. - Jira
Proprietary issue tracking product developed by Atlassian
Slack Technologies, Inc.
Can I get access to the data that Trujay collect when I want it?
Yes! Our client’s support is available 24/7, so you can easily contact us and get access to the data that Trujay collect. To that, drop us a request mail here: firstname.lastname@example.org, email@example.com or start an online chat.
Will Trujay only process data in accordance with my instructions, and is there a written contract?
Trujay only processes your personal data according to your instructions as Data Controller in accordance with our Terms of Service, Security Policy and Service Level Agreement.
Besides, we sign an NDA agreement with our clients and consumers that wish to run a custom Sample migration. As well, while you transfer us access to the CRM system, we sign Trujay Non-Disclosure Agreement too.
Questions & Concerns
If you have any questions or comments, or if you want to update, delete, or change any Personal Information we hold, or you have a concern about the way in which we have handled any privacy matter, please use send us a message to firstname.lastname@example.org, email@example.com or start an online chat.
Here you can check our Standard Contractual Clauses for more info on Trujay GDPR compliance.
Disclaimer: Please bear in mind that this article should not be treated as legal advice in complying with the GDPR. The sole purpose of this article is to facilitate a better understanding of the approved EU data privacy law.