Bizible's Commitment to the GDPR
Last Update: June 12, 2018
Bizible takes privacy and security extremely seriously and have built our product with this in mind from the very beginning. With the introduction of the General Data Protection Regulation (GDPR), individuals in Europe will have strengthened privacy rights through the ability to restrict, export, delete, and modify their Personal Data, and Data Processors like Bizible will provide more transparency into the purpose and intended use of the Data.
Bizible's Commitment to GDPR Compliance
GDPR is a new privacy regulation in Europe that went into effect on May 25, 2018. It places large requirements on what type of data from European citizens we can collect and store and how we will collect and store. Bizible is fully compliant with these new regulations to ensure that all of our customers and prospects in Europe enjoy the full protections afforded by the new laws.
1. Lawfulness, Fairness, and Transparency
i. We will only process data as needed for our customers for the purposes expressly laid out in our customer engagements and in our publicly-facing privacy policies
2. Purpose Limitations
i. We will only collect data for the purposes of marketing attribution, analytics, and optimization in conjunction with our customer agreements and published policies. We will not use personal data for any other purpose
3. Data Minimization
i. We will only collect the minimum amount of data required to perform our service. The personal data Bizible collects is limited to email address, IP address, and cookie data—all of which serve a fundamental role in our solution
i. We will support the data subject's right to rectification allowing them to ensure Bizible data is accurate either through a direct request to Bizible or to our customers
5. Storage Limitations
i. All data subject data will be deleted within 30 days after the termination of a customer engagement
6. Integrity and Confidentiality
i. Bizible takes strong measures to ensure that our data is secure and protected by designing for security, employing frequent security scans and penetration tests, and leveraging industry standard technologies to ensure that our data is safe.
ii. All personal data will be encrypted at rest and in transit
GDPR Rights and Requirements
The below is a partial list of the key rights and requirements Bizible supports through our GDPR compliance. Bizible supports all aspects of the GDPR and thus this is not an exhaustive list.
The right to data portability
The GDPR requires that individuals can request and receive their personal data from controllers in a structured, commonly used, and machine-readable format. Data subjects have the right to transmit that data to another controller.
The right to rectify inaccurate or incomplete personal data
The GDPR requires controllers who process personal data to enable data subjects to request rectification of "inaccurate personal data;" and the completion of "incomplete personal data."
The right to restrict the processing of personal data
Under the GDPR, data subjects may request a temporary restriction of processing activities utilizing their personal data in certain circumstances, for example if a data subject objects to the processing of that data, but the controller has a legal requirement to retain it.
The right to erasure of personal data ("right to be forgotten")
The GDPR requires that a controller processing personal data must enable data subjects to exercise their rights by giving them a way to submit requests to erase their personal data.
Secure personal data
The GDPR requires controllers who process personal data to maintain a high standard of security.
Detect and respond to data breaches
The GDPR requires controllers to maintain appropriate technologies and processes to secure personal data and defend against personal data breaches. If a personal data breach does occur, a controller may be required to quickly notify regulators and may also be required to notify affected data subjects within 72 hours. Data processors will also be required to notify their customers, the controllers, without undue delay after first becoming aware of a data breach.
Submit a Request
If you are a citizen of the European Union and would like to exercise your rights to restrict, modify, transfer, or erase your personal data for Bizible, please go here.
If you are a citizen of the European Union and would like to exercise your rights to restrict, modify, transfer, or erase your personal data for across all Bizible customers, please go here.
International Data Transfers
Bizible maintains certifications with both the E.U.-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield, which ensures companies comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States.
If you have any questions about Bizible’s commitment to GDPR, we hope that you’ll reach out to us at [email protected]. We’ve provided additional resources should you have any questions in the meantime. The latest changes will be reflected as applicable:
Bizible Application (Customers only)