The European Union’s General Data Protection Regulation (GDPR) protects European Union data subjects’ fundamental right to privacy and the protection of personal data. It introduces robust requirements that will raise and harmonize standards for data protection, security, and compliance.
What is GDPR?
The General Data Protection Regulation (GDPR) is a new European privacy law due to become enforceable on May 25, 2018. The GDPR will replace the EU Data Protection Directive, also known as Directive 95/46/EC, and is intended to harmonize data protection laws throughout the European Union (EU) by applying a single data protection law that is binding throughout each member state.
All eClincher services are GDPR ready
- eClincher uses advanced encryption methods to encrypt data, including the use of HTTPS. eClincher also uses advanced encryption to encrypt data at rest, where appropriate, that leverage Amazon AWS’s Key Management Service (KMS) and are designed to ensure that data cannot be decrypted by third parties.
- eClincher uses the OAuth 2.0 secure authentication protocol for authorization of Supported Platforms and Third-Party Apps.
- Access to the eClincher information systems, sandbox environment, and the production environment are limited to properly authorized users with security controls that include multi-factor authentication, single sign-on and OAuth 2.0.
- eClincher maintains change management control mechanisms to ensure changes are performed in accordance with eClincher’s Change Management Policy and corresponding change management procedures, which include approval of all changes into production.
- eClincher ensures development, testing, and production environments exist and are segregated.
- eClincher regularly tests the key controls, systems and procedures of its Information Security Program with a view to ensuring that they are properly implemented and effective, including ongoing penetration testing conducted by Amazon AWS Trusted Advisor, Amazon AWS Cloud Trail, and Amazon AWS Inspector.
- eClincher maintains a disaster recovery, backups, and business continuity plan designed to ensure continuous delivery of its services.
- User can delete personal data associated with his or her connected third party accounts (such as social media accounts). Open the Add & Manage Accounts popup and delete your accounts. User can also request all of his or her data to be deleted by requesting our Customer Support to delete his or her account (via live chat at our website).
- At any time, User can request his or her data by contacting our Customer Support via live chat on our website. After verifying the User identity, we will then export and email the data to the User. Available data for export: Inbox items and Auto Post Queues and posts.
- If User decide to leave our Services, or simply not using our Services, after 6 months of inactivity without log in to our app or platform, his or her data will be permanently deleted.