Joforce and GDPR
Joforce never avoids anything that strengthens the security of our users’ privacy and rights. Its compliance with GDPR ensures that we are conscious of taking care of our users’ rights and keeping their data safe in Joforce.
The General Data Protection Regulation (GDPR) is a regulation enacted by the European Union that came into force on 25th May 2018 to protect the personal data and rights of individuals, including children. The basic requirements of GDPR include:
- You must disclose how you use the information of data subjects.
- Use the personal data of a data subject with their consent.
- Data subjects have the right to know what information you’re storing about them, to get a copy of it from you, to restrict the use of their data, or to delete their data whenever they want.
- You must protect the data of users at all times. Encrypt their sensitive data whenever possible. Sharing their data with third parties without their consent is illegal and prohibited.
Once the internet became freely available to everyone, many risky practices began to take place. There was a lack of protection for users’ sensitive data such as profiles and card numbers. Users’ information was collected and used for commercial purposes without much knowledge on the part of the people providing it. This increased data misuse and data loss. To protect against these and give users the right to keep their privacy, the GDPR came into effect.
GDPR applies to organizations that do business with EU residents, provide services to them, or hold data of EU residents. To know more, read here.
Failure to follow these regulations may result in fines up to €20 million or up to 4% of the annual revenue.
Key stakeholders are:
- Data subject – An EU resident who is the subject of the data.
- Data controller – Determines the purpose of processing the data.
- Data processor – Processes data according to the instructions given by the controller.
- Supervisory authorities – Public authorities who monitor the application of the regulation.
1. Consent: The data subject gives you express consent to process their personal data for specific purposes.
2. Contract: This applies if you need to process the customer’s personal info to fulfill your contractual obligations, or to take steps based on the customer’s request, for example, sending quotes or invoices.
3. Legal obligation: This is applicable when you (the data controller) have to comply with the law.
4. Vital interests: This is to protect a natural person’s life.
5. Public task: This applies when performing the activities of public authorities.
6. Legitimate interests: This includes commercial interests like direct marketing, individual interests or social benefits. The data controller must document and keep records of decisions on legitimate interests in the form of a Legitimate Interests Assessment (LIA).
- You will receive communications in accordance with the consent you give, and you can cancel it at any time. Our privacy policy and terms of service are transparent and clear about what data we collect from you, how we use it, and the rights you have to control it. You can grant or withdraw consent to these policies and terms.
- You can ask for a data processing agreement that describes how we process your data. You can email us at [email protected]
- We can’t compromise the data of our users. We only store data that we have consent to store unless it’s required to provide you with service or where we have a legitimate interest.
- We only share data with third parties with your direct consent, or if you agree to terms and policies that include those third parties. All third-party processors comply with GDPR. We never sell your data to third parties or use it for advertising purposes.
- To keep your privacy safe, we encrypt personal and sensitive data whenever needed and whenever it can be done without compromising the above purpose.
- You can ask to see, correct, or erase your data, stop us from processing it, or request a copy of how we use it by emailing us at [email protected]
- We have appointed a Data Protection Officer to monitor your data processing, and you can contact them at [email protected]
- Double opt-in for email marketing.
- Encrypting Leads and Contacts fields at rest
- Audit user access and modification of encrypted data.
You can be sure that your data are safe in Joforce, and you always have the necessary tools in JoforceCRM to comply with GDPR.
We recommend you learn about GDPR, then write up or update your policies, practices, and procedures to comply with GDPR law.
Here in the link, you can learn about GDPR. Also, we recommend that you refer to third-party sources to learn best practices.
It’s better to create a data protection team and make whatever changes are necessary to ensure compliance with GDPR.
Download JoforceCRM
JoforceCRM is open source, and you can download it here for free. If you would like to use it before downloading, you can try our demo.