Participative Management is a concept that emphasizes the involvement and participation of the team in decision making...
GDPR & BEESY
BeesApps’ improvements to ensure you always more security and privacy
If you work in a B2B or B2C company, you have probably heard about this European regulation: the General Data Protection Regulation (GDPR). It is a set of rules aimed at strengthening the protection of the personal data of European citizens and forcing organizations to process this data in a more transparent and secure way. The GDPR does not only apply to companies in the European Union, but also to all those who control or process the data of European citizens.
BeesApps aims to ensure that its practices comply with the GDPR regulation and we want to explain how the Beesy.me platform includes the changes requested to be “GDPR compatible” without disrupting your daily use.
By May, 25th (and beyond), BeesApps is committed to strengthening its platform to facilitate compliance with the GDPR.
BeesApps has created this page to answer all your questions about product updates related to the new EU regulation by May 25th.
DISCLAIMER: This website is not an opus about data privacy in the EU or legal advice that your company can rely on to comply with EU data privacy laws , like the GDPR. It aims only to contextualize the way BeesApps has approached this new law to ensure maximum transparency. Only a lawyer is entitled to interpret the legislation according to a particular situation. BeesApps therefore recommends that you consult a qualified professional for any question regarding the interpretation of the information below or their accuracy. Please do not consider this article to be legal advice or a recommendation of a legal nature. The products, services, and other capabilities described in this article are not appropriate for all situations and may have limited availability.
Product improvements
Work and Calendar deadline
Please find bellow a non-exhaustive list of the most important elements that BeesApps implements to ensure compliance with the new regulations. BeesApps plans to implement all of these elements by May 25th, 2018.
The legal bases
What we do
The rules and obligations of the GDPR apply to the processing – automated or otherwise – of personal data. The aim of the GDPR is to strengthen the management of practices relating to the collection and use of personal data.
The GDPR provides a precise definition of “personal data” (DCP): it is “any information relating to an identified or identifiable natural person”. By identifiable natural person, it is necessary to understand “a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more specific elements specific to its physical, physiological, genetic, psychic, economic, cultural or social identity.”
BeesApps will make several changes / optimizations to the Beesy solution to allow compliance with the obligations of the RGPD. Some of its most important changes are detailed below.
You can follow all the changes made by our teams on this page.
In addition, we will provide a dedicated space dedicated to managing your data and your consents directly on Beesy.me.
In Progress – Available by May 25th
Data Protection Officer
The general regulation for the protection of personal data (GDPR) will enter into force. Consequence: Companies and administrations that use personal data will have to use the services of a data protection officer (DPO).
BeesApps has declared its DPO, with the “designation No. DPO-3777”.
To contact our DPO and ask him all your questions, contact him at rgpd[@]beesapps.com
—
Available now
Informed Consent
The first type of legal basis of treatment is informed consent.
To obtain Emma’s consent in accordance with the GDPR, some elements are necessary:
To obtain Emma’s consent in accordance with the GDPR, some elements are necessary:
- She must know what she is doing. This is called “informed consent”.
- It must be a clear positive act (the pre-checked boxes are not valid). Completing a simple form can not implicitly commit to receiving all communications from your company.
- The consent must be granular, which means that it must detail all sorts of processing and use of Emma’s personal data (for example, e-mail marketing or commercial calls). You must keep documented evidence of what Emma consented to, what you told her (informed consent) and when it occurred.
BeesApps makes sure that all uses of Beesy that involve and require consent are implemented such as the validation of our terms of use, our privacy policy, the invitation of your contacts or the exchange information to your professional contacts, in accordance with the GDPR regulation.
The three most popular channels used by Beesy customers are the invitation to collaborate, the assignment and sharing of data and the import of contacts. These are different channels through which Emma must consent.
The objective of this update is to allow you to control your use and the communication that is done with your data.
In Progress – Available by May 25th
Withdrawal of consent (or unsubscription)
Emma must be able (as a data subject) to see what she has registered for and withdraw her consent (or oppose the way you process her data) at any time. In other words, withdrawal of consent must be as simple as consent.
In Beesy, Emma can withdraw her consent from the page ‘manage her consent‘.
Once consent changes have been made, this page will reflect positive consent for each type of communication. She can withdraw her consent easily and at any time from the subscription preferences page.
PS: All direct emails sent via Beesy.me (excluding technical support) all have an unsubscribe link.
Available : manage your consent
Once consent changes have been made, this page will reflect positive consent for each type of communication. She can withdraw her consent easily and at any time from the subscription preferences page.
PS: All direct emails sent via Beesy.me (excluding technical support) all have an unsubscribe link.
Available : manage your consent
Right to be forgotten
Emma may at any time request the deletion of any personal data that you hold on it. The GDPR policy then requires permanent removal of Emma’s contact in your database, including your email tracking history, call logs, form submissions and more.
In most cases, you will need to respond to your request within 30 days. The right to delete is not absolute and may depend on the context of the request, so it does not apply systematically.
Beesy already allows the deletion of your data but we will make optimizations to allow you to do it directly from the platform Beesy.me in your space dedicated to the management and control of your data .
As required by law, BeesApps must provide you with a positive response within 30 days.
In progress – Available by May 25th
As required by law, BeesApps must provide you with a positive response within 30 days.
In progress – Available by May 25th
Portability of your data
As she may request the deletion of her data, Emma may also request access to the information you hold about her. Personal data is all identifiable data, such as his name and email address. If it requests access, you (as data controller) must provide a copy of the data, in some cases in a computer readable format (eg .csv or .xls).
BeesApps will allow you to respond to any request for access / portability of your data by exporting them in a format readable by your computer. The data are all notes, projects, tasks, documents etc … that you have entered in the tool. Manage it all directly from your space dedicated to managing and mastering your data .
In Progress – Available by May 25th
In Progress – Available by May 25th
Ensure the highest level of security
The RGPD requires a large number of data protection safeguards, from data encryption at rest and in transit to access controls, pseudonymisation and data anonymisation.
As part of GDPR compliance, BeesApps strengthens its security checks in all domains.
In order to comply with the concept of Privacy by Design , the new regulation governing data protection, we have set up logging, anonymization and data minimization tools. as well as reports that can be used during security audit.
The Beesy solution uses the latest security standards and protocols to ensure the protection of your data. Data is only securely transferred through HTTPS protocols. In addition, the data whether at rest or in transit are encrypted with, for example, encryption keys.
Our architecture is protected and its access secure. We have put in place the necessary precautions to prevent any risk of cyber attack and data leakage.
In Progress – Available by May 25th
In order to comply with the concept of Privacy by Design , the new regulation governing data protection, we have set up logging, anonymization and data minimization tools. as well as reports that can be used during security audit.
The Beesy solution uses the latest security standards and protocols to ensure the protection of your data. Data is only securely transferred through HTTPS protocols. In addition, the data whether at rest or in transit are encrypted with, for example, encryption keys.
Our architecture is protected and its access secure. We have put in place the necessary precautions to prevent any risk of cyber attack and data leakage.
In Progress – Available by May 25th
Cookie management
Emma must be aware that cookies are used to track her activity (in a language that she can understand) and she must give her consent to this.
Into Beesy no cookie is used to track the activity of our users.