The General Data Protection Regulation (GDPR) goes into effect in the European Union on May 25, 2018. It will expand upon data privacy rights, requiring companies to safely and securely collect and process personal information. Its goal is to improve and protect personal data and information.
The GDPR applies to all companies with locations in the EU, as well as for all companies who handle and process the personal information of EU citizens. It expands upon the data privacy rights of these persons and applies not only to large companies, but to small and medium-sized businesses as well.
Check out our blog that summarizes all of the changes you can expect, as well as important tips on how you can make sure you are operating in full accordance with the GDPR. You’ll find a checklist you can download, making sure that you’re prepared in case your data privacy handling is ever audited.
Privacy is a top priority at Shore. Our vision is to simplify your business day, which of course also means helping you to work in full compliance with the GDPR. This is why we have thoroughly analyzed the requirements of the GDPR, and are currently re-evaluating all of our processes and procedures accordingly. We will be expanding upon our software, contracts, and documentation to ensure the absolute best protection of your data and the information of your customers.
All of our software applications are configured with data privacy-friendly basic settings. As a Shore customer, you’re able to allocate different roles to you and your team depending on what you require: Administrator, Owner, and Member. Administrators possess all rights across the entire company and are able to configure the system. Owners are assigned to a specific location and can manage the system for that entire location. Members on the other hand only have access to services specifically assigned to them and can manage their appointments and customers.
Our employees' access to information is based on a need-to-know principle. They are only permitted to access certain data where a justifiable need exists to do so. For example, if a customer contacts our support with a problem, the corresponding employees do have access to his or her information to effectively respond to the support request. In addition, our IT developers are permitted situation-based access to customer information to continually develop and improve our software. We will be re-examining this concept based on the changes produced by the new regulation.
A fundamental principle of the new General Data Protection Regulation is data economy. At Shore, we collect data and information only when it is absolutely necessary for the applications of our software. Let’s say you sign up for a free trial. This means we’ll have to store your name and email address to give you access to our software. Any additional information will not be collected.
We protect all personal data using Transport Layer Security (TLS) encryption. We additionally use HTTPS encryption in our software and on our website. Whenever a data transfer occurs, your data and information are not visible, and protected from third-party access.
Shore’s data and information are hosted on AWS servers in a data center in Frankfurt, Germany. Click on the following to read more about the guidelines regarding the certification of these servers: https://aws.amazon.com/compliance/iso-27001-faqs/ .
We updated our old data processing agreement to reflect the new requirements regarding the protection of personal data and included the agreement in our software. Consequently, as a Shore customer, you can now access and agree to our Data Processing Agreement conveniently in your Company Settings.Newsletter Opt-in
Every company is now required to get their customers' express consent before sending them promotional emails such as offers or event invitations. To comply with this requirement, we've included a double opt-in process in our software which is available for all users of our Newsletter feature. New customers have the option to subscribe when booking an appointment online. The subscription status is included in each customer profile in the section "Newsletter Subscription" and can also be complemented manually after obtaining the customer's oral consent.Privacy Poliy Update
We have a data protection officer who assists us with any data privacy questions, concerns, and issues.
Our Shore Business Cloud carries the “Software Made in Germany” quality seal which stands for top quality, groundbreaking innovation, proven solutions, an the very best in customer service.