CustomerSuccessBox GDPR Readiness

CustomerSuccessBox GDPR Readiness

The European Union’s General Data Protection Regulation (GDPR) protects European Union data subjects’ fundamental right to privacy and the protection of personal data. It introduces robust requirements that will raise and harmonize standards for data protection, security, and compliance.

What steps were taken by CustomerSuccessBox following the GDPR requirements?

  • In the last year we had cross functional team collaboration to achieve GDPR readiness. Executive sponsorship from Technology, Security, Legal, Marketing and Operations.
  • All customers data is stored with AWS servers who complies for the GDPR.
  • Updated Priacy Policy
  • Presence of Information Security Policy
  • All employees understand their role to ensure GDPR compliance and are trained on GDPR to handle all the personal data appropriately as per GDPR requirement.
  • Personal Data and Processing Activity register in place to have a track of all the the personal data being collected and processed by the organization.
  • Data Processing Impact Assessment procedure in place and DPIA done for all the processors and controllers.
  • Internal Audit done for all the products and all our products are now GDPR compliant.
  • CustomerSuccessBox as per the GDPR principle is following Privacy by Design concept.
  • Response procedure in place for any incident of data breach as per our Data Breach Policy.
  • Response procedure in place for retention of personal data as per our Data Retention Policy in place.
  • Subject Access Request procedures in place to handle all requests of data subject as per GDPR rights.
  • Technical Safeguards in place to ensure security of all the personal data.

Data Sharing and Minimization

By nature of CustomerSuccessBox’s integration architecture, you determine what data is sent over for processing. Accordingly, your company acts as the controller and must abide to a set of core principles regarding the handling of the personal data, as outlined in the next sections of this document.

First of all, as part of the GDPR principles, you should avoid sharing unnecessary personal data with CustomerSuccessBox. Typically, the only class of personal data you should share with CustomerSuccessBox is contact information (name, business email/phone) and you should NOT share other classes of data (e.g. health-related data, sexual orientation, religion-related information) that are not relevant to managing the customer’s success with your service.

Where can I find CustomerSuccessBox’s Data Processing Agreement (DPA)?

You can view the latest DPA here.

Who should I contact if I have more questions?

Popular Guides
View All
Popular Templates
View All
Popular Guides
Customer Success Tools
Customer Onboarding
Customer Technology Stack
Customer Success jbo
Quarterlsiness Review
Chieuct Officer
Customer Health Scoring
Customer Success Manager
NPS Industry trends 2021
Customer Health etheh hr. rhrg
NPS Industry t 2021
View all
#SuccessBound Monthly Newsletter
#1 Customer Success Software
Follow us for everything about Customer Success!
© 2021 Copyright Promoto. All rights reserved | Status | Privacy Policy | Security | Terms and Conditions | Service Level Agreement
Request Demo
Start Free Trial