How Intercom complies with GDPR
HereвЂ™s a synopsis of GDPR, and how we prepared because of it at Intercom
The GDPR is really a data that is comprehensive legislation that came into impact on May 25, 2018. It replaced EU that are existing to bolster the security of вЂњpersonal dataвЂќ and the rights of the individual. It is a set that is single of which governs the processing and tabs on EU information.
Does I be affected by it?
Yes, most likely. If you hold or process the data of an any person in the EU, the GDPR will affect you, whether youвЂ™re based in the EU or otherwise not.
Exactly How Intercom ready for GDPR
Our teams worked difficult to guarantee we complied with GDPR. This was a massive overhaul of processes and information models to make sure we met our legal obligations, and did the best thing for the clients while still permitting us go fast, scale and build great services and products.
Here are the things that are main did
We built features that are new
Our teams built new features to enable our clients to easily meet their GDPR obligations.
Intercom helps you meet your data portability requirements; it is possible to export your data connected to an individual and permanently delete all data connected to a specific individual.
We shall immediately expire data on site visitors that have maybe not been noticed in 9 months, to ensure we comply with GDPR retention requirements.
We updated our Data Processing Agreements (DPAs)
Strong information protection commitments certainly are a part that is key of needs. Our updated data processing agreement shares our privacy commitments and sets out the terms for Intercom and our customers to generally meet GDPR requirements. This might be designed for customers to signal upon request.
We certified for Overseas Data Transfers
The EU-US Privacy Shield is really a framework negotiated and agreed by the Commission that is european and Department of Commerce as being a legal method of transferring personal data.
To comply with EU information protection laws Rada and regulations around worldwide information transfer, we self-certified underneath the E.U.-U.S. Privacy Shield plus the Swiss-U.S. Privacy Shield framework.
We appointed A data Protection Officer
WeвЂ™ve a dedicated information Protection Officer to oversee and advise on our information management. Make contact through the messenger or by emailing compliance@intercom .
We c rdinated with this vendors
WeвЂ™ve reviewed all our vendors, finding out about their GDPR position and signed Data Processing Agreements using them.
We t k new protection measures
Security is just a concern for people. We have regular audits that is external pentests and bug bounties. WeвЂ™ve built a security that is robust, achieving International Compliance standards (SOC2, CSA and Privacy Shield) and reviewed our internal access design to ensure the right men and women have use of the proper level of consumer information. Additional information can be obtained on our safety page.
WeвЂ™ll keep information that is sharing our progress, and weвЂ™ll assist our customers and prospective customers be compliant. Some steps you can take are
Get knowledgeable about the GDPR requirements and how they affect business.
Map out everywhere you process information and carry a gap analysis out.
Observe how you are able to leverage Intercom to simply help along with your GDPR compliance. Our audit reports, pen tests and security docs are available to clients on demand.
Consider your product roadmap, think about privacy when youвЂ™re planning.
Chat to your lawyer by what your organization needs to do to.
Monitor the guidelines that are developing the European Data Protection Board.