The law establishes requirements on the handling of personal information, especially when data crosses borders. It requires explicit opt-in before marketing to a European, legitimate business reasons for storing and processing personal information, and enshrines several new rights. The new rights include “the right to be forgotten”, portability of personal information, and to be notified promptly in the case of a data breach.
Does this affect me?
Yes. This affects all Táve users who handle the personal information of contacts from the European Economic Area. If you interact with EU nationals or think you will in the future, you must also execute the Táve Data Protection Addendum (DPA).
We’ve added a new ‘Privacy Opt-In’ field to both Contact Forms and Questionnaires. GDPR states that contacts from the European Economic Area must opt-in to receive any marketing communication or to have their personal information used in a way that goes beyond the reason that they gave you their personal information in the first place (for instance, if a European submits a request for information about a wedding, you can’t later send them a message about a special offer or email them about a portrait session without their explicit permission).
This is what the field looks like:
We’ve added a ‘strict privacy’ option to all contacts in your Táve address book. This value indicates that the contact is subject to the strict privacy requirements of the GDPR. It can be set manually but Táve will also set it for you if the contact has an email address or address from one of the countries in the European Economic Area (i.e. France or Germany).
The Right to Be Forgotten (Anonymize Contact)
GDPR requires that contacts have the right to be forgotten and that all personal identifying information be erased upon request. While Táve has always had the ability to purge contacts or jobs from the system, which complies with the right to be forgotten, we’ve created a middle-ground tool that anonymizes the contact while keeping your history and financials intact.
Anonymizing contacts is permanent and irrevocable. You will be warned with what data will be erased and what data will NOT be erased.
Privacy Compliance Log
You can now quickly see when a contact opted-in or out of your marketing, whether they require strict privacy and why it was set if set automatically, and when and by whom the contact was anonymized. This box will appear on the address book profile of any contact touched by privacy compliance.
https://tave.com/wp-content/uploads/2018/04/GDPR.png6421194Topherhttps://tave.com/wp-content/uploads/2017/04/Logo.pngTopher2018-04-30 14:58:252018-05-17 11:31:27European Union's General Data Protection Regulation (GDPR) and Compliance