GDPR
  • 22 Aug 2022
  • 1 Minute to read
  • Comment

GDPR

  • Comment

The General Data Protection Regulation (GDPR) requires Nexudus to make the following changes to its platform and the internal privacy policy:

  • Reorganise the privacy team, document and keep records of decisions related to privacy made by Nexudus so that Nexudus is accountable for its privacy practices.

  • Make sure that Nexudus can honour the rights of European merchants and customers over their personal data, and that merchants can do the same when using Nexudus' services.

  • Make required contractual commitments to merchants and obtain necessary contractual commitments when Nexudus uses a third-party contractor to provide services.

Nexudus Implementation of GDPR

Nexudus has been preparing for the GDPR in the following ways:

Policies and Documentation

  • Updated Nexudus' privacy policy to include more information about the rights introduced by GDPR and included more detailed information about how Nexudus processes personal data, as required by Articles 13 and 14 of the GDPR.

  • Added a data processing agreement to Nexudus' online terms of service, as required by Article 28 of the GDPR.

  • Implemented a detailed procedure to deal with data subject access requests, deletion requests, and government access requests.

Product Features

Added a feature to the Nexudus platform so that space managers can obtain independent consent for marketing purposes and can choose whether or not to have the consent checkbox ticked beforehand, depending on their requirements.

Achieving GDPR Compliance

A few new options have been introduced or enhanced to support GDPR compliance when needed. These help customers agree with your terms and conditions and allow them to receive communications from you before they even provide you with any of their personal details.

Go to Settings and click Modules Configuration in the Features section. In the Newsletters tab, you now have two options controlling whether email addresses should be captured when a new member or contact is added to the system and whether the newsletter subscription should be active by default.

When signing up a new member as an administrator, these options control if that person's email is added to your member or contact subscription list and whether that subscription is enabled by default or not.

On the space website, this shows as a pre-selected checkbox when the newsletter subscription is activated by default.

To help you follow GDPR regulations, ensure that activating subscription by default is always turned off.

Was this article helpful?

What's Next