Wootric and GDPR Compliance

Our commitment to GDPR

Jessica Pfeifer avatar
Written by Jessica Pfeifer
Updated over a week ago

General Data Protection Regulation (GDPR), the legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU), went into effect May 25, 2018.  Here are the features and processes that Wootric has developed for GDPR compliance:

We've built new product features:

Wootric can help you meet your data portability requirements for GDPR, you can easily export all of your data or granular subsets linked to an individual and permanently delete all data linked to an individual user. 

If you choose to cancel your Wootric subscription (via the Account section of dashboard Settings) your data is completely deleted within a day from the moment your account is deactivated.

By default, we retain the feedback to provide historical analytics until the customer or the individual end user requests removal.  Please contact us to set up a custom retention policy for feedback.

We’ve updated our Data Processing Agreements (DPAs): 

Our updated data processing agreement sets out the terms for Wootric and our customers to meet GDPR requirements. This is available for customers to sign upon request, along with Standard Contractual Clauses (SCCs). 

We’ve certified for International Data Transfers

We recognize that the latest iteration of GDPR has invalidated the Privacy Shield certification, but we do remain self-certified under the E.U.-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield framework. 

We’ve appointed a Data Protection Officer 

We have a dedicated Data Protection Officer to oversee and advise on our data management.

We’re working with our vendors

We’re reviewing all our vendors, finding out about their GDPR plans and arranging similar GDPR-ready data processing agreements with them.  Learn more about our vendors here.

Additional information

Questions?

Feel free to reach out to us if you have any questions about GDPR.

Did this answer your question?