What is GDPR?
The General Data Protection Regulation (GDPR) is effective May 25, 2018, and is one of the most important changes to data privacy in decades. The new regulations expand controls European Union (EU) Data Subjects (the people who use your app, website or other service) have over their personal data and holds companies much more accountable for managing consumer personal data.
GDPR expands the regulatory environment for international business by enhancing obligations on organizations handling data. Even if you do not have a presence in the European Union, collecting personal data or behavioral information from EU Data Subjects makes your company subject to the requirements of the GDPR. No matter what size your company is, your organization could face heavy fines for failing to comply.
How Alchemer Digital Helps
When the Alchemer is deployed within a digital property, Alchemer acts as the Data Processor and our customer is the Data Controller of consumer data.
Alchemer is committed to consumer privacy and:
- our Customer Success team will work directly with our customers (the Data Controller) to assist them in meeting their GDPR obligations.
- will ensure our products continue to support GDPR compliance and strong privacy controls.
- can assist the Data Controller in demonstrating compliance to all of its stakeholders.
- helps the Data Controller respond to requests that data subject makes regarding their rights to be informed, access data, rectify data, and erasure.
Delete Data Using Alchemer Digital API
The Alchemer Digital API has two endpoints that allow you to send and monitor data deletion requests.1. The POST request in the image above allows you to request all associated data for a specific email address or request to delete all data associated with a specific email address.
2. The GET request in the image above allows you to request the status for your deletion request.
Request Data Deletion
Make a request to this endpoint, seen in the image below.
1. Specify if you would like to request "erasure" or "access".
"Access": Provide me with all data associated with the provided email address.
"Erasure": Delete all data associated with the provided email address.
2. In the "identify_value" field provide the email/s you would like to delete or request data for.
Check Status of Deletion Request
Make a request to this endpoint, seen in the image below.
If your request is completed you will receive a response similar to the example below:
Customer Love
GDPR aligns with what has long been Alchemer Digital product strategy: enabling companies to love their customers. Our Customer Success team guides our customers to think about engaging people at the right time, in the right place, in the right way, and to be thoughtful about what is right experience for the consumer. This includes being transparent about how personal data is being used. For us, “Customer Love” includes respect for consumer privacy and trust and making it a priority to protect consumer data.
Data Processing Agreement
When Alchemer customers process EU personal data using the Alchemer Digital platform, they must first sign our Data Processing Agreement (DPA). Alchemer Digital typically includes a prepared DPA in our contract documentation and encourages our customers to make use of it as it most accurately describes specifics within our product.
If you are a current Alchemer Digital customer who has not signed our DPA, please contact your Account Manager or Alchemer Support.