Based in Redhill, Surrey, UK

0333 9900 106

How does GDPR apply to your mobile app?

Does your mobile app comply with GDPR?

Eazi-Apps and their technical partners have been working towards GDPR compliance. We have made a list of the changes being implemented for GDPR compliance.

What Eazi-Apps is doing to ensure GDPR compliance:

  • Research all aspects of our product and business for potential impacts from GDPR
  • Work with professionals that specialize in GDPR for all aspects of our compliance efforts
  • Update our Privacy Policy for GDPR compliance
  • Update our Terms of Service
  • Liaise with our technical team to implement upgrades for GDPR compliance. This includes:
    • Improving data processing, with added security throughout
    • Record keeping of app customer consent
    • Updating CMS with proper tools for our partners to complete personal data requests from users
    • Update Mobile source code for GDPR compliance

What changes are coming with the CMS GDPR update?

Tools will be built to complete the following requests.

  • Right to be forgotten: Delete option within the Eazi-Apps dashboard that will permanently delete all of a customer’s data
  • Right to rectification: Already implemented with the last source code update; additional support for user control of consent choices will be added
  • Right of access: Improved personal data export tools within the Eazi-Apps dashboard
  • Right of portability: The previously mentioned data can be exported in a usable format

What changes are coming with the upcoming GDPR Source Code update?

  • New customisable consent screen to display on app launch and available in the app settings page
  • Refactored our point and geo-fence push notification features so all location information is handled locally on the user's own device
  • Users can now delete any of their comments/posts made throughout the application

Other information you should know:

  • Sensitive personal data, such as health information or information that reveals a person’s racial or ethnic origin, will require even greater protection. You should not store data of this nature within your Eazi-Apps account or application.
  • If you choose to use your own Privacy Policy and Terms of Service, you need to be sure that you are keeping a record of any changes you make. In accordance with GDPR, you need to be able to prove what information your users were provided with or, depending on the circumstances, were consenting to when you collected their information or they used your app at a specific date. That means if you make iterations over time, you must keep dated records of each version.
  • If you are using third party software inside the app through integrations or web views that collects or processes personal data, you will need to add this information to your custom Privacy Policy and add proper consent.
    • Example: if you are using an email marketing integration and receive a request to forget a user's account, you will need to both delete the user in the CMS and process the deletion from the third party software such as MailChimp.

Frequently Asked Questions

What is GDPR?

The General Data Protection Regulation (GDPR) is a significant piece of European Union (EU) data protection legislation that replaces the 1995 Data Protection Directive. The GDPR enhances EU individuals’ privacy rights and places significantly enhanced obligations on handling data.

When do I need to comply with GDPR?

The GDPR is effective from May 25, 2018.

What rights will data subjects have under GDPR that apply to my Eazi-Apps application?

  • Right to be informed – Entities must be transparent in how they are using personal data and must inform data subjects of this.
  • Right of access – Data subjects will have the right to know what personal data is held about them and how it is processed.
  • Right of rectification – Where reasonably possible, data subjects will be entitled to have personal data rectified/edited if they feel that it is inaccurate or incomplete.
  • Right to be forgotten – Data subjects have the right to have their personal data permanently deleted upon their request and they do not have to provide a reason for the request.
  • Right to data portability – Where reasonably possible, data subjects have the right to retain and reuse their personal data for their own purpose.
  • Right to object – In certain circumstances, data subjects are entitled to object to their personal data being used. This includes cases where personal data is used for the purpose of direct marketing, scientific and historical research, or for the performance of a task in the public interest.

To learn more about GDPR, please refer to the following sites.

https://www.eugdpr.org/gdpr-faqs.html
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr

Disclaimer: This article is for informational purposes only, and should not be relied upon as legal advice. We encourage you to seek professional advice to determine precisely how GDPR might apply to your business. The goal of this article is to explain the changes we have made, and the tools we have built to help you become GDPR compliant.
