e-satisfaction is preparing for GDPR, following a specific and well-organized plan in cooperation with our legal partners. Below you will find a condensed version of our GDPR actions and roadmap and where we are today!
- Develop a Data Processing Agreement. - COMPLETED
- Our updated data processing agreement indicates our privacy commitments and sets out the terms for e-satisfaction.com and our customers to meet GDPR requirements. You can view our DPA and get in touch with email@example.com to get it signed.
- Completed a detail Privacy Impact Analysis. - COMPLETED
- This analysis covered all aspects of our business, both from the inside out and from outside in, so today we have a complete view of our risks, impacts and remediation actions required to ensure all data are safe.
- Documented our Data Subject Rights Policy. - COMPLETED
- In this policy we explain in detail how we manage requests by individuals about their data. If you want a copy of our data subject rights policy, feel free to ask it on firstname.lastname@example.org
- Coordination with all our Vendors - COMPLETED
- We have reviewed all our vendors, finding out about their GDPR plans and actions; and arranging similar GDPR data processing agreements with them.
- Data Portability - COMPLETED
- All feedback and visualization tools can export data and download a file in a .csv format.
- New Security Measures - COMPLETED
- We have taken extra security, technical and organizational measures to ensure the optimal security of our customer's data. The development of these security measures is carried out in accordance to ISO 27001 standards.
- Anonymization - IN PROGRESS
- We give to our customers the option to anonymize their data after sending the last e-mail that asks for feedback. This way the personal data you transfer to us, are not stored in our servers for ever.
- Delete Users - IN PROGRESS
- As our customers need to have the full control on the personnal data that are collected through e-satisfaction.com, we provide the capability to delete data and comply with requests by their customers.
- Data Retention - IN PROGRESS
- We give our customers the capability to define a time period after which data that have been collected through e-satisfaction.com will be automatically anonymized. Important information will be maintained but the personal data of their customers will be secure after the expiration of this period.
We are taking many steps across the entire company to ensure we will be ready for the GDPR.
We’re also working on interfaces that will allow you to address requests from your customers related to their rights for accessing any personal data that might stored in your e-satisfaction.com account.
Based on the research conducted by both our inside and outside counsels we are confident these changes will address the requirements of GDPR.