Appointfix is GDPR compliant

 

We know that GDPR messages from tons of companies are filling up your inbox these days. Bear with it though as it will mean a less cluttered inbox in the future. In this post we’ll explain what GDPR means and guarantee that you are well protected with Appointfix.

We are 100% committed to keeping your customer data safe and secure; therefore, GDPR has given us an opportunity to review our systems and processes. So let’s see what GDPR is and what Appointfix has done to comply with it.

What is GDPR and Why is it Important

The Internet is amazing and we honestly couldn’t imagine life and business without it anymore. The problem with the Internet, though, is that it has grown so large, so complex and so fast that the laws have not been able to keep pace.

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union that will take effect on 25 May 2018. It replaces the current EU data protection laws and essentially provides a set of principles to ensure customer data is protected. Because the GDPR is a regulation, not a directive, it does not require national governments to pass any enabling legislation and is directly binding and applicable.

The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. It also addresses the export of personal data outside the EU.

GDPR Data Protection Principles

According to the GDPR, personal data must be processed in fulfillment of six data protection principles:

  1. Processed lawfully, fairly and transparently and should only be used in a way that a person would reasonably expect.
  2. Collected only for specific legitimate purposes and used for those purposes only.
  3. Adequate, relevant and limited to what is necessary. No more than the minimum amount of data should be kept for specific processing.
  4. Must be accurate and kept up to date.
  5. Stored only as long as is necessary and no longer.
  6. Ensure appropriate security, integrity and confidentiality. Data should be processed “in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures” (article 5, clause 1f).

The organization should implement an opt-in policy and have a data subject’s consent to process their personal data. People covered by the GDPR have the right to access their own personal data, get a copy of their data, and ask for their data to be updated, deleted, or moved to another organization.

If you’re a more visual person, you can take a look at the main benefits and details in this infographic we found, which is quite explicit.

Changes at Appointfix

  • We’ve updated our Privacy Policy.
  • We’ve provided a way for businesses to request a data export of their Appointfix account or request a permanent account deletion.
  • We’ve changed our approach regarding marketing messages. Users now need to opt-in specifically to receive marketing messages via email or push notifications. Note: our users will continue to receive the service related messages.
  • We’ve appointed a Data Protection Officer (DPO).
  • We’ve tightened up internal access policies so the right people have the right access to customer data within Appointfix.
  • We’re ensuring that our providers (Hetzner Online, Sendgrid, Nexmo) are GDPR compliant.

Exporting and deleting your information

You can export a copy of your information or delete your account from Appointfix at any time.

In order to export or delete your data:

  1. Open the App on your device.
  2. Click the menu button in the top-left corner.
  3. Scroll down and select the option showing your email and photo to open your account settings.
  4. Scroll down to find the options to Export data or Delete account.
  5. Enter your password again to verify your identity.

  • If you’re exporting your data, you will receive an email with a link to download your data from Appointfix: clients, services, appointments.
  • If you’re deleting your account, you will have to confirm the deletion as it will permanently remove all your information from Appointfix.

Need more Information?

If you’d like to find out more about Appointfix and the GDPR, then please check out our updated Privacy Policy or contact our Data Protection Officer, and for full GDPR information go directly to the GDPR website.

To summarize it in less technical terms: the GDPR is trying to protect you from companies that spam you with unwanted messages because they are collecting and using your data in non-transparent ways. To remain transparent with customer data, companies should state in the privacy policy the type of data they collect, the reason they’re collecting it and give people access to their own personal data. That is why you should take a look at that huge pile of GDPR emails you’ve received and opt in or sign up for those newsletters that are relevant to you, being related to the services you like and use. We recommend you do so without ignoring the email notifications received, so that you’re kept up to date regarding the services that really interest you. Otherwise you might lose touch and miss out on some relevant news and interesting deals.

We’re humbled and truly honored that Appointfix is part of your app choices and we’re looking forward to staying in touch as we’re continuing to provide a top service to you. Thank you once again!

Emilia is Marketing Director at Appointfix, an app helping professionals and small businesses easily schedule appointments and reduce client no-shows using automated text reminders. Feel free to drop her an email at emilia.pustan@appointfix.com.