Like many web services, Watchful has been busy making changes to address the General Data Protection Regulation (GDPR) set to go into effect in the European Union on May 25, 2018. We are working towards GDPR compliance in four main areas:
- Obtaining consent from users to collect and store personal information
- Creating an account deletion tool
- Expanding GDPR compliance in the future
The purpose of this article is to provide an update for each of these areas.
Obtaining consent from users to collect and store personal information
An important tenet of the GDPR is obtaining explicit consent from users to receive messages from Watchful. This consent is now a required part of the sign-up process at Watchful as GDPR compliance involves notifying users of data breaches: we can only comply with this if we have users consent to do so.
New users will have the opportunity to give consent when they sign up. Per our terms of service, existing users implicitly give their consent if they continue to use Watchful.
Creating an account deletion tool
Another pillar of the GDPR is the “Right to be forgotten”. This means that users have the right to have their personal information erased. We have applied a tiered approach to address this.
First, the “Edit Profile” area in the Watchful Dashboard has a new “Delete Account” account tool. This will cancel any subscriptions as well as delete the user data from our system.
However, the Delete Account feature is not a comprehensive data erasure tool. For example, transaction history remains stored at our payment processors (Recurly and Paypal). While some transaction information will always be saved for tax and audit purposes, personal information would ideally be anonymized when a user requests account deletion. Unfortunately, our payment processors do not yet support this.
Similarly, our email service provider (MailChimp) stores records of users mailing list subscription status even when someone unsubscribes from a mailing list. Just today MailChimp has released tools to help remove this data for unsubscribed users.
The second tier of our approach to address account deletion will be to integrate these new tools in the future as they become available (see below).
There are a few major changes that deserve highlighting:
- We have simplified the language to explain the policy in plain English without complicated legal terms and complex sentence structures.
- We have added a “Promises” section that outlines our approach to the privacy of your personal data.
- We have added a “Rights” section that describes your rights to the data we collect.
- We have added a significant amount of information on what personal data we collect, why we collect it, how the information is securely stored, and how we share your information with our trusted partners and upstream service providers.
- We have added sections describing how user accounts can be deleted (see above) and system and marketing messages canceled.
- We have added a list of cookies we use at Watchful.
Expanding GDPR compliance in the future
As mentioned above, some of our upstream service providers like Recurly, PayPal and Mailchimp are still in the process of themselves becoming GDPR compliant and building the tools to allow for data anonymization and/or erasure.
Going forward, we will monitor their progress and address the following areas as tools and resources become available:
- Delete user history and personal information from Mailchimp when deleting accounts
- Anonymize personally identifiable information at payment processors
- Find an easy way for users to download their information
We are also working on a Data Processing Agreement that addresses the use of data “Processors and Sub-processors” under GDPR.