About GDPR

 

The General Data Protection Regulation (GDPR) - which came into force on May 25th, 2018 - aims to protect the fundamental right to privacy and the protection of the personal data of European Union (EU) citizens. 

 

This regulation affects any entity (including websites) that processes EU citizens' personal data. Whether or not a business is located in the EU; if it has EU site visitors or, if it’s marketing campaigns target EU citizens, it is applicable. 

 

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU).

 

How the GDPR applies to Dagmaker

 

The personal data of an EU citizen could be collected when using Dagmaker when building a database of contacts, their information and business dealings with Dagmaker (i.e. a CRM system).

The term data subjects is only applicable to customers that are individuals. Not all customers are data subjects, as some customers may be businesses or government organisations, to which the GDPR does not apply to.

 

Dagmaker’s adherence to GDPR compliance

 

Dagmaker is compliant with GDPR. This document outlines all the provisions we have taken to ensure we are complying fully with the regulation.

 

Information We Hold

 

Registration and Contact Information

 

We collect information about customers when they (a) register to use the Services and (b) otherwise provide contact information to us via email, chat, or through our Service. Information provided by customers may include usernames, first and last names and email addresses.

 

Payment Information

 

When customers purchase our Services, we also collect transaction information, which may include their company name, company VAT (when applicable), credit card or other payment information, billing and mailing address.

 

Technical, Usage and Location Information

 

We automatically collect information on how customers interact with the Service, such as the IP address from which they access the Service, date and time, referrer website and campaign information (“UTM” parameter fields). We may also collect location information, including location information automatically provided by their computer or device. We use cookies and similar technologies to collect some of this information.

 

Third-Party Platforms

 

We may collect information when customers interact with our service on third-party sites or platforms, such as analytical sites. This may include information such as actions or the fact that they viewed or interacted with our content.

 

Other Information

 

We may collect other information from customers that is not specifically listed here. We may use any such information in accordance with our Privacy Policy or as otherwise permitted by customers.

 

Data Security and Data Breaches

 

Data protection and security is of paramount importance to Dagmaker. We proactively monitor for security issues, vulnerabilities and unauthorized access.  Action is immediately taken if any suspicious activity or issue is detected. In the unlikely case of a data breach, we will notify all of our customers within 72 hours of the breach being detected.

 

Some of the preventive measures we take include:

 

Data Subject Rights

​

All individual rights regarding GDPR will be enforced by the Dagmaker team. If you would like to exercise your GDPR rights, you can contact us at info@dagmaker.com.

​

These rights include:

​

Data Processing Agreements

​

Dagmaker acts as a data processor for its customers (see “Information we hold”). Consequently we need to provide a signed Data Processing Agreement on request. If a customer (paid user) of Dagmaker needs a DPA, they simply need to contact us via email.

​

We have also requested and signed DPAs from each of our sub-processors and ensured they are GDPR compliant.

 

GDPR-Ready Privacy and Cookie Policy

Our privacy policy is GDPR compliant. 

 

Data Protection & Security

- Formal verification of compliance with the regulation can be requested by customers. Customers can provide a Data Processing Agreement template, which will be returned filled and signed.

- Sensitive information is stored securely, with limited access. Data breaches are responded to immediately by notifying affected parties.

- Customer data is only stored for the period of time they are using our services or until they request their data to be deleted.

- Customer data is stored in our US and UK data centers hosted by Google on the Google Cloud Platform.

- The personal information of customers is only accessed based on requests made by the customer or with the customer’s approval. In most instancea this is the customer support team, development team or marketing team.

- Customer requests for deletion of their data is processed immediately.

- Data Processing Agreements with each sub-processor and subcontractor are signed to ensure data protection. 

- The processing operations done by the Data Processor (Dagmaker) are those necessary to provide adequate customer support and reliable service.

​- All Dagmaker hosted accounts run over the HTTPS protocol. The Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP. Data is sent between the customer browser and the website they are connected to over this secure protocol. Consequently all communication between a customer browser and Dagmaker is encrypted, including chat and email communication.

​​- User login credentials and passwords are stored in secure locations within our data centres using technologies such as managed encryption keys and VPNs

​​