How to be prepared for GDPR in 5 Steps


GDPR is coming and you must be prepared...But why? 
Let’s start with the obvious reason: You’re sharing your contacts with Shared Contacts for Gmail®, hence you’re handling personal (your contacts’) information in your organization...and who doesn’t? 

This May 25th, GDPR (General Data Protection Regulation) is going to be enforced and all companies storing data from European nationals will have to be compliant. 

Even if you think this might not concern you, it does… Because, if you heard about the latest Facebook scandal, you will know that authorities from several countries have been pushed to consider taking more serious measures when managing information. 

So how can you take action? And what does this mean for you as a Shared Contacts for Gmail® user? 

Let’s begin with defining what GDPR means:
Enacted by the European Commission, GDPR (General Data Protection Regulation) has the purpose of protecting the personal data of Europeans stored by organizations and businesses like yours. Soon, with GDPR, your duty is to provide individuals with the rights of information, access, rectification, portability, restriction and, most importantly, deletion (or “right to be forgotten”).

So what are our obligations with you as a user? 
Besides the fact that the app is 100% hosted on Google Cloud infrastructure (the most secure in the world), by making Shared Contacts for Gmail® GDPR compliant, we have the responsibility to keep you informed.

Therefore you must know that unless you’re in the Corporate Edition and have activated the contact backup feature, we won’t keep any of your contacts in our systems. Instead, we will use hash technology to compare and synchronize every update you make.

In order to provide you with the best service, Shared Contacts for Gmail® stores the following data: 
- The names of your contact groups (so you can share them)
- The names of your user groups (in order to facilitate sharing with a mailing list)
- Your sharing settings (so you can manage who can access which contact group)
- The users in your domain (if you are using G Suite)
- Your language and country

What happens to your data if you uninstall Shared Contacts for Gmail®?
If you cancel your subscription with us, the information mentioned above will be kept for 2 weeks and then permanently deleted. However, if you want to exercise your right of deletion before that period ends, or you want to request access to the information we store about you, you can always contact us.

How can YOU take measures to protect your contacts’ personal data?
To be compliant with the new regulation, you essentially need to ensure the privacy and security of the personal data you store about individuals, by doing the following:

1. Understand what kind of data you’re storing and where 

Make sure that you know all the places where the contact information of your contacts and users is located (CRM, Gmail contacts, devices, mail client, backup files, etc.).

2. Make it obvious! 

On your website, make the steps for requesting access or deletion obvious to your customers. Remember that they also have the right to be informed.

3. In case of a deletion request 

If someone requests to be deleted from your company contact lists: 
  a. Delete the contact from the shared group it belongs to
  b. Make sure every user deletes it from specific (not shared) locations.
  c. Delete the contact from your backups.

Need assistance? Gapps Experts can help you run a domain-wide search to make sure that the contacts of your choice have disappeared from your systems. If you would like to know how to be compliant as a G Suite user, you can read more here

4. Make it simple

Once you know where you’re storing all your data, apply the minimalist concept of ‘less is more’: keep only the information that you need for your activities, and keep it in as few locations as possible. This way it will be easier to access in case of a request for inspection or deletion.

5. Always ask questions

Remember that GDPR is just common sense! It’s all about having a sense of the data you store so you can understand its purpose and be transparent about it.

But in case you still have questions or need further guidance, feel free to ask! That way you can ensure a smooth transition for GDPR compliance.
