Many of us are aware of the GDPR guidelines which came into effect on May 25th 2018. Here at Later, we're taking these regulations very seriously.
What is GDPR?
GDPR stands for General Data Protections Regulation.
The General Data Protections Regulation (GDPR) are new rules designed to protect all personal data belonging to citizens within the EU. The GDPR was put in motion by The Council of the European Union, European Parliament, and European Commission in efforts to provide citizens with greater levels of transparency and control over their personal data, who has access to it, and how it is being used.
The European Parliament approved the GDPR in April of 2016. Organizations were given a two year period to implement all necessary changes, and position themselves as compliant by the May 25th, 2018 deadline. Those who fail to do so will be met with heavy fines.
Here's a comprehensive list of the steps we're taking and areas we're covering, to make sure Later continues to handle personal data with security, organization and transparency.
- Data Portability (Transparency) - Creating the option for our users and partners to access their personal data and information around how we store and use it, in a quick and simple way - Subject Access Requests will be welcomed with open arms. Email us to request all of your data, we will send your information via a zip file.
- Processes & Systems - Proactively implementing new approaches to the way we collect, manage and store personal data internally - updating and introducing brand new systems and processes around data usage and handling.
- Spring Cleaning - Performing a complete audit of all existing data and processes we have had in place since Later's inception, and purging expired and non-compliant data from all of our systems - helping to align our new data storage banks and management systems with GDPR guidelines going forward.
- Right to Erasure - Providing the opportunity for all users and partners to avail of their right to be forgotten, and subsequently to have all of their personal data purged permanently. Delete Account action within Later will delete your account immediately and all secondary data will be removed within 30 days.
- Users' Clients - Crafting a platform that our users can trust and rely on when it comes to their own clients' personal data, by creating an environment that is 100% GDPR compliant.
- Data Processing Agreement - If you are a current customer and would like a DPA (Data Processing Agreement) please email us here and attach all of the reasons why your business would require this agreement.
If you have any questions around Later's GDPR policies feel free to contact us via the Later Chatbot (accessible from app.later.com on desktop) to learn more.