The EU General Data Protection Regulation (GDPR) was implemented May 2018 and introduced a new era in personal data security. GDPR is a big deal as it requires businesses across the globe to change the way they work when it comes to the personal data of EU citizens. GDPR puts customer privacy at its core, making privacy a fundamental customer's right and ensuring personal data is kept safe away from prying eyes.
GDPR talks about many key points covering the lawful basis for processing, individual rights, accountability and governance, security, international transfers and personal data breaches.
GDPR lets users access and manage their personal data in a totally new way. Here we discuss the eight rights a user has and how SigningHub addresses these:
1. The right to be informed
2. The right of access
3. The right to rectification
4. The right to erasure
5. The right to restrict processing
6. The right to data portability
7. The right to object
8. Rights in relation to automated decision making and profiling.
Right to be informed
Right of access
This right allows users to request SigningHub to provide details of what personal data is held about them. SigningHub already lets you access all of the personal information (name, mobile number, country etc.) held inside your account from the SigningHub portal so there is no need to submit a request. After login, you can access this information from menu > my settings.
Right to rectification
This right allows the user to rectify if any personal data is inaccurate or incomplete. SigningHub lets customers rectify their personal information from the SigningHub portal, be it their name, mobile number, country etc. The only item which can't be changed is the user's email address because this is used to identify and authenticate the user. Changing your email address requires you to delete your account and create a new account under the new email address.
Right to erasure
Right to restrict processing
Individuals have a right to ‘block’ or suppress processing of their personal data. Note that SigningHub doesn't process personal data other than what is agreed with the user at the time of account registration. Once restricted, you will no longer have access to SigningHub and SigningHub will no longer process your personal data, meaning the user will also not receive emails. You can request your account to be restricted or re-enabled from SigningHub by writing to email@example.com.
Right to data portability
The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different service providers. It allows them to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability. SigningHub allows users to request their personal data in the standard CSV format. You can request a copy of your personal data in portable format by writing to firstname.lastname@example.org.
Right to object
This right allows the user to object to the processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling), direct marketing (including profiling) or processing for purposes of scientific/historical research and statistics. SigningHub doesn’t use your personal data for any of these purposes other than for marketing which you can opt out of at any time. You can opt out using the unsubscribe link from the marketing emails you get or you can use the contact us page.
Rights related to automated decision making including profiling
SigningHub doesn't do automated decision making or profiling so this right doesn’t apply.
GDPR is a game changer for personal privacy and enables secure business operations. Being at the forefront of security, SigningHub prioritises user privacy. Watch this space for more initiatives in this area. Our recent upgrade to SigningHub provides more control over the personal data being processed. To find out more see the recent updates to SigningHub.