The General Data Protection Regulation (GDPR), is a European privacy law approved by the European Commission in 2016. It will go into effect May 25th 2018. The GDPR is an attempt to strengthen, and modernize EU data protection law and enhance individual rights and freedoms, consistent with the European understanding of privacy as a fundamental human right. The GDPR regulates, among other things, how individuals and organizations may obtain, use, store, and remove personal data. It gives EU citizens and residents control over their personal data.
GDPR adds some new requirements regarding how companies should protect individuals' personal data that they collect and process. It also raises the stakes for compliance by increasing enforcement and imposing greater fines for breach. Beyond these facts it's simply the right thing to do. At Insomniac Technologies, Inc.
Our commitment to data privacy and GDPR Compliance
At Insomniac Technologies, we we strongly believe that your data privacy is important and we already have solid security and privacy practices in place that go beyond the requirements of this new regulation. In some cases we've implemented new policies and actions to meet regulations. We gladly support and make an on-going to effort to not only comply with GDPR regulations but also to be a leader in on-line browsing privacy. Below is an overview of what we have done and will continue to do to meet the new regulation requirements.
1. Breach notification
When we become aware of an incident that impacts the processing of personal data, we will promptly notify our users and any third party data processor that may be affected. We will promptly conduct an investigation into the incident, formulate a correct response, and take suitable further steps in respect of the incident. In case of an incident we send our customers a breach notification within 72 hours from the time it occurred.
2.Right to access
You can review the personal information you have provided us and make any desired changes to such information, or to the settings for your account, at any time by logging in to your account on the web site. Personal data maybe updated at any time on the account page of our web site and complete data may be obtain using our data export tool.
3. Right to be forgotten
Our Product and related documentation give you the ability to delete certain information about you from within the Account. For example, you can remove content and certain profile information within your profile settings. Please note, however, that we may need to retain certain information for record keeping purposes, to manage and monitor transactions and fraud or to comply with our legal obligations.
We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements. On our website, where you may provide us with credit card or other sensitive information via the web, Insomniac Technologies. protects and secures this information by employing commercially customary web-based security and encryption protocols, examples of which include Secure Socket Layer (SSL) .
4. Data portability
Data portability is the ability to obtain some of your information in a format you can move from one service provider to another. Depending on the context, this applies to some of your information, but not to all of your information. Should you request it, we will provide you with an electronic file of your basic account information. Please, feel free to download your personal profile information in table or JSON format in our data export tool.
5. Cookie policy
We also use cookies to improve the web browsing experience. This helps us improve the quality and content of our web site and execute different functionality such as logging you in to your account. Please read our Cookie Policy for more details.
6. Usage of 3rd party tools
We have and will continue to perform reviews of our third party data processors and their GDPR compliance.
We may share your information with third parties who provide services on our behalf to help with our business activities. These companies are authorized to use your personal information only as necessary to provide these services to us.
These services may include:
- Fulfilling orders
- Payment processing
- Providing customer service
- Sending marketing communications
- Fulfilling subscription services
- Conducting marketing research and analysis
Our third-party data processors include
- Helpscout
- Mailchimp
- Drip
- Atlassian
- Stripe
- PayPal
- Defiant (WordFence)
- AWS
- Automattic (Akismet)
- MediaTemple
Questions about GDPR
We are happy to work with you to answer any questions and address any concerns regarding how we protect your personal data. If you have any questions, please don't hesitate to contact us using our GDPR contact form.