Everything you need to know about Post Affiliate Pro’s GDPR compliance
Post Affiliate Pro is committed to privacy, security, compliance and transparency. This approach includes supporting our customers’ compliance with EU data protection requirements, including those set out in the General Data Protection Regulation (“GDPR”), which became enforceable on May 25, 2018.
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU).
One way in which the personal data of an EU citizen could be collected while using Post Affiliate Pro is when you build a database of contacts, their information, and business dealings with them (i.e. a CRM system). Not all customers will be “data subjects”, as data subjects are only individuals. Some of your customers may be businesses or government organizations, which the GDPR does not apply to.
Yes, Post Affiliate Pro is fully compiant with the new regulation. Several strategies were prepared and undertaken in order to meet all the required criteria, which became enforceable in May 2018.
Do you have any dedicated data protection officer (DPO) or compliance / security team working?
Yes, we have both an internal team and a dedicated Data Protection Officer. Please direct all your questions related to GDPR compliance to firstname.lastname@example.org.
How will you verify to customers that you are in compliance with the new regulation?
If you wish for formal verification, you can provide us with your Data Processing Agreement template, which we can returned filled and signed.
How is sensitive information stored and do you have processes in place in the event of a data breach?
Sensitive information is stored securely, with limited access. We react to Data breaches immediately, by notifying affected parties, DPO and local Institutions, according to our internal GDPR project.
How long do you store customer data for?
We store customers’ data only for the time of using our services or until they request to delete their data.
Where is your customer data physically stored?
Data of our EU customers are stored in our European datacenters located in Germany, UK and Slovakia and are hosted by Linode, Inc.
Which of your teams will have access to customer personal information?
We access customer’s personal information only based on prior request by the customer or with the customer’s approval. In most common cases, it is the customer support team, development team or marketing team.
How does your organization handle instances when customers request their data be removed from your system(s)?
When a customer requests deletion of their data, we proceed with the deletion immediately, with no further delay.
How do you handle data protection requirements with any of your sub-processors?
We sign Data Processing Agreements with each of our sub-processors or subcontractors.
What third party organizations (sub-processors) do you work with that may also have access to the data we share with you?
See list of Post Affiliate Pro sub-processors and subcontractors.
What new safeguards or processes did you implement to meet the May 25 deadline?
Most of the safeguards and processes have been in place before because we don’t take privacy of our customers’ data lightly. We have implemented several more guidelines on how to handle sensitive data, how to react to incidents and data breaches and more.
What processing operations are done by the Data Processor (Post Affiliate Pro)?
All actions necessary to provide adequate customer support and reliable service.
Who are the Data subjects?
Persons whose data has been shared with the customer our Post Affiliate Pro.
What are the Categories of Data?
Name, Email, Phone number, Address, IP Address, Timestamps of actions, Browser Cookies, Additional data collected by customers
Are there any Special Categories of Data?
No, there aren’t any special categories of data.
2-Step verification adds more security to your Post Affiliate Pro account. When you have 2-Factor Authentication enabled, any attempt to log into your account must be accompanied by the code that you generated in Google Authenticator app. 2-Step Verification can help keep unknown people out, even if they have your password.
All Post Affiliate Pro hosted accounts run over a secure connection using the HTTPS protocol. Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. It means all communication between your browser and Post Affiliate Pro is encrypted, including your chat and email communication.
We follow latest best practices to store and protect user login credentials and passwords in the cloud.
Post Affiliate Pro API is restricted to accredited users based on username and password or username and API tokens.
Post Affiliate Pro provides customers the option to delete Service Data that may contain personal data, such as profiles, commissions, IP addresses, logs, and other data in active Post Affiliate Pro accounts.
Post Affiliate Pro currently supports the deletion of affiliate profile information for Merchant type users in the Affiliate Manager view. When clicked on Delete, all tracked data about an affiliate are deleted immediately.
Every Post Affiliate Pro account owner has full control over his account and can request to be deleted any time by mail to our email@example.com. Post Affiliate Pro cloud has also automatic procedures for deleting suspended accounts to make sure we don’t store permanently your data after you decide to stop using our services.
In case trial account is not upgraded to paid plan within 14 days or billing of already upgraded account is failing more than 7 days, account is suspended. Suspended account doesn’t allow user logins or access data either by account owner or his customers.
In case account owner doesn’t request to unsuspend his account by email or chat, within next 60 days is account terminated (domain stops to be active, we remove account configuration from cloud, but we keep data in storage).
Terminated accounts are deleted automatically from our cloud within next 30 days. From this point we don’t have any active data in Post Affiliate Pro cloud, we store for another 30 days just cold backup of database. Once backup expires, we don’t store any data from your account anymore.
Contact us at firstname.lastname@example.org
We appreciate your recent sign up for a Post Affiliate Pro.
A message will be sent to your email address containing login details, right after your account is installed.
If you wait for a while, after installation is complete you will be able to access your account directly from here.
After the process is over, we will send the login details to your mailbox.
We’re available on multiple dates