GDPR

The General Data Protection Regulation (GDPR) is a European privacy law which has been in force since May 2018. It imposes rules on companies which process (collect, store, manage, analyse…) personal data. Read this article to discover how Yadera helps you to meet the GDPR requirements.

Processor or Controller?

The GDPR makes a clear distinction between two roles:

1. The ‘data controller’: determines which personal data is processed and for which purposes the personal data is used (deciding);

2. The ‘data processor’: processes certain personal data on behalf of the data controller (facilitating).

Most importantly, we are processor in relation to the personal data of third parties (contacts) which you as a customer enter into our platform. Our platform facilitates the management of these contacts.

However, the decision as to which personal data is entered into the Yadera account lies entirely with the customer/user. This means the Yadera customer is the data controller here. Yadera has the sole task of keeping the customer's data safe and available and will never use this data for its own (commercial) purposes. The customer decides at any time what happens to his/her data on the platform.

Note: In a limited number of cases, Yadera acts as data controller. This is the case when we process a customer’s / user’s personal data with a view to providing and improving our services (e.g. user account creation, customer support, invoicing, etc.). Read our Privacy Policy if you want to know more about why we collect certain personal data about you, how long this information is stored, which privacy rights you have, etc.

How Yadera helps you towards GDPR compliance.

Wherever possible, Yadera provides tools and assistance enabling our customers to meet their own obligations under the GDPR:

  • The respective GDPR responsibilities of Yadera (as processor) and the customer (as controller) are clearly set out in our data processing agreement, which is an annex to the Terms of Service.
  • We have data processing agreements in place with our subcontractors to ensure that they apply the same high standards of data protection.
  • We continuously invest in technical and organizational measures to safeguard the security of your data and the availability of our platform.
  • Strict internal policies and procedures are in place to carefully handle customer data.
  • All customer data is stored on servers located in the EU.

Note: even though Yadera makes reasonable efforts to help its customers with GDPR compliance, it remains your final responsibility as data controller to meet your GDPR obligations. More information is available on https://gdpr-info.eu/.

If we can help with any Yadera-specific question on GDPR feel free to contact our Data Protection Officer (DPO).

Ensuring the security of your data and complying with data protection legislation is an important part of our mission. We continue to invest effort and resources to make improvements in this area.