Updated by Alex Cowell
Data Processing Agreement (DPA) to reflect the requirements of the GDPR and to ensure compliant data transfer with storage outside the EU.
The GDPR is a comprehensive data protection law that came into effect on May 25, 2018. It replaced existing EU law to strengthen the protection of “personal data” and the rights of the individual. It's a single set of rules which governs the processing and monitoring of EU data.
If you collect data about EU residents and decide why and how those data are collected and processed, you may be considered a data controller under the GDPR. Data controllers are responsible for implementing adequate technical, organizational, and operational measures to ensure and demonstrate that all data collection and processing is performed in accordance with the GDPR, including entering into a relevant data processing agreement. Moreover, you must fulfill data subjects’ rights with respect to their data along the following principles: Consent, Accuracy, Fairness, Transparency, Security.
If you hold or process the data of an any person in the EU, the GDPR will apply to you, whether you’re based in the EU or not.
Strong data protection commitments are a key part of GDPR’s requirements. Our data processing agreement shares our privacy commitments and sets out the terms for Markeaze and our customers to meet GDPR requirements. This is available for customers to sign upon request.
We’ve a dedicated Data Protection Officer to oversee and advise on our data management. Get in touch through the chat or by emailing firstname.lastname@example.org.
Markeaze helps you meet your data portability requirements. You can permanently delete all data linked to an individual user, just ask our compliance manager to do this.
We’ve reviewed all our vendors, finding out about their GDPR position and signed Data Processing Agreements with them.
We took new security measures. Security is a priority for us. We have regular external audits, pentests and bug bounties. We’ve built a robust security framework, achieving International Compliance standards (SOC2, CSA and Privacy Shield).
We collect the following data:
- Visitor browser data (User-Agent, IP-address, etc.);
- -Visitor clickstream logs (visited pages, duration, action on web-site);
- -Data, that visitor shares with shop via live chat.