Phone2Action, Inc. respects individual privacy and we are committed to complying with the legal standards imposed by applicable laws in our business practices. For individuals residing in the United States or any other country outside of the European Economic Area, EEA, (including Switzerland), the privacy and data protection laws of the individual’s residence will apply. For individuals residing in the EEA, the applicable law is the European Union General Data Protection Regulation (the “GDPR”).
What is the GDPR?
The GDPR was approved by the European Union Parliament on April 14, 2016 and goes into full effect on May 25, 2018. On May 25th, all entities working with the data of EEA citizens, including companies outside of the EEA will need to be General Data Protection Regulation compliant. Below, please find the key data protection principles we follow that reflect our proactive approach to the protection of such data, with respect to the Personal Data of individuals residing in the EEA and elsewhere.
a) We will only collect Personal Data for specified, explicit and legitimate purpose(s) and we will not further process it a manner that is incompatible with those purposes (the “Purpose Limitation Principle”);
b) We will process Personal Data lawfully, fairly and in a transparent manner in relation to the Data Subject (the “Lawfulness, Fairness and Transparency Principle”);
c) We will ensure that any Personal Data collected is relevant and limited to what is necessary in relation to the purpose so obtained (the “Data Minimization Principle”);
d) We will strive to ensure that the Personal Data collected is accurate and, where necessary, kept up to date (the “Accuracy Principle”);
e) We will develop procedures to reasonably ensure that Personal Data is not kept longer than necessary for the purpose(s) identified (the “Storage Limitation Principle”);
f) We will process the Personal Data in line with the Data Subjects’ rights (the “Data Subjects’ Rights”); and
g) We will ensure that appropriate security measures are put in place to protect the Personal Data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage (the “Integrity, Confidentiality and Security Principle”).
For more information about GDPR, click this link.