The General Data Protection Regulation (GDPR) is the result of four years work by the European Union to unify and strengthen data protection for all citizens in the EU.

GDPR gives you more control over how your data is used, while to us, it will be a simple legal environment where we can operate. That makes this change desirable for both parties!

The new regulation will come into effect on the 25th May 2018 and we are working on changes within our company’s products, procedures, and policies to be in line with GDPR by this date.

GDPR: How Does it Work

GDPR regulates the processing of personal data in the European Union (its collection, storage, transfer or use). Under the GDPR, the concept of “personal data” is broad and covers any person-related information that can be used to identify them.

The important thing is that GDPR applies to every organization that processes personal data of the EU citizens, even if it’s located outside of the EU. Now, every company is obliged to maximize its security in order to prevent data violation and protect you from data leakage.

What Is LeadsPedia Doing about GDPR?

Maximum data security has always been the top priority in LeadsPedia. Privacy Shield and new data centers are just examples the improvements we continually introduce; compliance with GDPR is just another step towards better data protection.

We have always aimed to be fully compliant with international law and privacy regulations. For that reason, we have started working on GDPR regulations in November 2017, nearly a year before the deadline. We are in touch with attorneys and data protection specialists to implement all the changes.

We are improving anonymity and pseudonymization of the data within our analytics tools, and we are making the changes so you could have a better control over your data. We want to give you tools that will allow you to decide to what extent you disclose your data or to what extent you process data of your customers.

We will be doing some more changes in the area of privacy in the days to come - but we have already accomplished a lot.

What do LeadsPedia customers need to do?

If your company is based in the EU or your customers are EU citizens, there are few things that might be important for you.

1. Make sure that your Terms of Service and Privacy Policy properly communicate to your customers how you use LeadsPedia. If you collect personal data of your customers and process them via our platform, you should inform your customers about their entitlements under GDPR. We recommend you ensure your policies and internal documentation are up to date and clear to your readers.
2. If you are located in the EU or your country's law requires it from you, you can sign a Data Processing Agreement with us. To do that, write us an email at legal@leadspedia.com and we will provide you with a DPA that you'll be able to both review and sign.
3. In reference to the Data Processing Agreement, note that both our Terms and Conditions and Privacy Policy will be updated soon. Providing our customers with updated DPA was our top priority, and now we will continue working on further steps, allowing us to become GDPR compatible. We will do our best to keep you informed!

The summary of key GDPR changes

Expanded individual rights
GDPR grants expanded rights for individuals in the European Union by allowing them, amongst other, the right to be forgotten and the right to request a copy of any personal data stored in their database.

Compliance obligations
GDPR requires organizations to implement appropriate security policies, keep records on data activities, and enter into written agreements with vendors to make sure that data is protected.

Data breach notifications
GDPR requires organizations to report certain data breaches to data protection authorities and, under certain circumstances, to the affected data subjects.

New requirements for profiling and monitoring
GDPR impose additional obligations on organizations engaged in profiling or monitoring behavior of EU individuals.

Increased Enforcement
GDPR provides a central point of enforcement for organizations operating in EU or processing data of the EU individuals member states by requiring companies to work with a supervisory authority for cross-border data protection issues.