The General Data Protection Regulation ("GDPR") will be enforced on May 25, 2018, and Syncro is committed to being compliant and providing our clients with the tools they need to also be compliant.
This page is about how Syncro is compliant in our relationship with you (our users). If you are looking for information on how we help you be compliant with your Customers, please visit this page: GDPR - Your Business and Your Customers
GDPR can be broken down into some primary categories:
- Specific and Unbundled Consent
- Data Portability
- Right to Erasure (aka Right to be Forgotten)
- Breach Notification Policy
- Supporting Documentation
Enabling GDPR Functionality
Please note that certain GDPR features must be enabled in order to be seen and used within Syncro. To enable, please go to Admin > GDPR Center > and check-mark the box "Enable GDPR Functionality."
Specific and Unbundled Consent
We are careful to respect your desire to be marketed to or not. If you feel you are receiving marketing communication that you did not consent to, please contact us so we can address it immediately by emailing email@example.com.
We make it easy to download a portable copy of your data. Just email us at firstname.lastname@example.org and we'll send you a copy electronically.
Right to Erasure
We accommodate your right to erasure via a support ticket. Please contact us at email@example.com and we will take care of it!
Breach Notification Policy
Our policy is that we will notify you within 72 hours of discovering a breach.
Subprocessors and Subcontractors
What is a Subprocessor? A subprocessor is a third party data processor engaged by Syncro, who has or potentially will have access to or process Service Data (which may contain Personal Data). Syncro engages different types of subprocessors to perform various functions as explained below. Syncro refers to third parties that do not have access to or process Service Data but who are otherwise used to provide the Services as “subcontractors” and not subprocessors.
- Amazon Web Services, Inc. - Cloud Service Provider - privacy shield
- Heroku - Cloud Service Provider - privacy shield
- Twilio, Inc. - SMS communications - privacy shield
- Mixpanel - Analytics - privacy shield
- U.S. Department of Commerce Privacy Shield Website: https://www.privacyshield.gov/welcome.
- Directive 95/46/EC: http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=LEGISSUM:l14012.
- General Data Protection Regulation (GDPR): http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32016R0679.
- The International Association of Privacy Professionals: https://iapp.org.
- United Kingdom Information Commissioner’s Office’s “Preparing for the GDPR”: https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf.