Great question 😉! We’ve been closely reviewing the GDPR updates and are proud to say we’ve been working hard to be GDPR compliant for Demio EU users and users serving EU customers.
First, let’s just give a brief update on GDPR (hopefully without too much legal mumbo jumbo).
The GDPR (General Data Protection Regulation) is a new EU regulation that is replacing the 1995 EU Data Protection Directive (DPD) with an aim to enhance the protection of personal data for EU citizens and increase the obligations on organizations who collect or process personal data. It’s actually a great move for companies to step up their systems and protect your data!
The GDPR website has said it “was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.”
With this new update, regulations will also apply to non-EU businesses who are marketing products to people in the EU as well as companies monitoring the behavior of people in the EU. Basically, even if you’re based outside of the EU, as long as you control or process the data of EU citizens, the GDPR will apply to you (aka parts of Demio).
Starting on May 25th, 2018, this regulation will go into effect, and if you want to read more, you can view the full text of the GDPR here.
We know as a user, there’s a lot to worry about, so we wanted to offer a comprehensive outline of what Demio is doing to help you 😎!
First and foremost, we’re doing a full review of all the GDPR restrictions in terms of data compliance and security.
This means we’re working to certify Demio as Privacy Shield compliant by May 25th! Privacy Shield is an agreement between the EU, Swiss and US governments to allow US companies to comply with EU and Swiss data regulations.
Privacy Shield was created specifically for US companies and may have a different set of regulations or requirements than a company operating in the EU.
We’ve also started working with GDPR legal teams to make sure we add in new GDPR features and privacy agreements for all our EU customers. When released, you will find a new option inside of your settings area to enable GDPR security for your account.
When you do so, we’ll add an extra layer of registrant compliance for all Demio webinars.
Once it is activated, your Demio registration pages and embed forms will show a required opt-in box that asks each user, when they sign up, for permission for you to market to them.
If your registrants confirm, they can be signed up for the Demio webinar, sent reminder/replay emails, and sent to your CRM. All Demio emails already give registrants the ability to delete their registration, which deletes them completely from Demio as a contact, or to cancel their registration, which opts them out of that webinar’s reminders. Both of these functions are already available.
In our current contacts section, you can export all your registrant data or segment it by specific webinars; this information is available via CSV as you need it.
Once that GDPR setting is turned on, we will be removing access to the 1-click email, which would not be GDPR compliant, and adding more information around our API so you can be compliant in its usage.
As for your personal data, Demio already takes this seriously. If you cancel or delete your account at any time, you can request a removal from Demio and we will delete and remove all your account info, including all your Demio registrants, event info, and customer data.
Finally, to wrap up, we are working hard to update security systems and enhance password security, data protection, and data encryption so that your data and privacy always remain a top priority for us. If you need any specific data on these changes, feel free to reach out.
To confirm, all of our servers are based at Amazon, and we will be signing their addendum and coordinating with them as a vendor to ensure GDPR compliance. Any other vendors are already being reviewed, and we are making sure we get data processing agreements with them.
As we continue building, we’ll keep sharing information on our progress, and we’ll also be here to help your customers feel comfortable that you are compliant. Some steps you can take are:
- Get familiar with the GDPR requirements and how they affect your company.
- Review how you process and store data from your CRM or exports of registrants.
- Chat to your lawyer about what your company needs to do, too.
Have more questions?
No problem! Feel free to reach out to us anytime if you have any questions about the GDPR and we’d be happy to chat more 🙂