The GDPR (General Data Protection Regulation) is an important piece of legislation that is designed to strengthen and unify data protection laws for all individuals within the European Union. The regulation became effective and enforceable on the 25th May 2018.
Rocketbots’ commitment to data protection and the GDPR
As a provider of messaging services, data privacy is vital to Rocketbots, which is why we built our platform to the highest standards of privacy and security.
We’ve designed our platform, as well as our internal Privacy Program, to meet the requirements of European, Canadian and US privacy laws. Our customers are located around the world, so we design for a global standard.
We also recognize that protecting your data requires an enterprise-grade security program. Whether it’s granular access restriction or encrypting data in motion and at rest, you can have full confidence in how your company data, as well as the personal data of your users, is being processed, transferred and stored.
Rocketbots began to dedicate internal resources to the GDPR in February 2018 right after we launched our first public version of our software. We did this because we value our customers (and their customers) rights to privacy. Compliance with and to international law and regulations are very important to us.
Here’s a condensed version of the GDPR requirements and where we are on our journey:
– Conduct an information audit to determine what information you process and who has access to it. COMPLETED
– Have a legal justification for your data processing activities. COMPLETED
– Appoint a Data Protection Officer. COMPLETED
– Rewrite our Data Protection Addendum (DPA). COMPLETED
– Perform the necessary changes/improvements to our product based on the requirements:
Suppression Controls. COMPLETED
Contact Lookup. COMPLETED
– Take data protection into account at all times, from the moment you begin developing a product to each time you process data. COMPLETED
– Encrypt, pseudonymize, or anonymize personal data wherever possible. COMPLETED
– Create an internal security policy for your team members, and build awareness about data protection. COMPLETED
– Have a process in place to notify the authorities and your data subjects in the event of a data breach. COMPLETED
– Implement the required changes to our internal processes and procedures to maintain the latest privacy and security requirements. COMPLETED
Your Responsibility as a Data Controller
People who communicate using the platform have rights under the GDPR. It is your responsibility to communicate these rights to them and be prepared for their requests to exercise those rights. We have built features that make it simple and fast to do so.
The first thing you need to do when a user submits a request is to identify the data you have about them. The Rocketbots platform makes that easy by using unified customer profiles where channel identities, channel supplied metadata, application, and other custom metadata, and conversation history is stored.
You can respond to the request to access, correct, or delete personal data through our Contacts Module. User message content can be extracted and provided to the individual, or you can Delete Messages and Profile Information.
If you are in the European Union you’ll likely want to sign a Data Processing Addendum (DPA) with Rocketbots. We’re happy to do so. Working with outside counsels, we’ve updated this document to be in compliance with the GDPR and other generally acceptable privacy laws. You can request this document at [email protected]
Data Processing Addendum
In the course of providing our service, Rocketbots may process personal data on your behalf. In order to outline specifics of how we will perform this processing and what our obligations are as well as the obligations of our users/customers, we’ve developed a Data Processing Addendum (DPA) that we enter into free of charge with anyone that uses our service and requests it. This document forms part of a contract of service with Rocketbots (as the Data Processor) and our users/customers (as the Controllers). The DPA reflects the parties’ agreement with regard to the processing of personal data performed using our service.
As a Controller, in order to sign this agreement, you must review and digitally sign a copy of the Data Processing Addendum. Once you sign the agreement, you need to email to our Data Compliance Department at [email protected] . Our team will review and sign your submission within 7 working days and send you back digital copy. With the receipt of the validly completed and digitally signed Agreement, this Agreement shall be in full force and effect.
You can request this document at priv[email protected]
We understand your concerns about the Data Privacy — we’ve been there! Keeping your data safe and secure is our top priority, and we’re committed to maintaining the highest standards.
Please feel free to contact us if you have any questions about Rocketbots’ Privacy and Security commitments or practices. You may contact us at [email protected]