The EU General Data Protection Regulation (GDPR) was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens' data privacy and to reshape the way organizations across the region approach data privacy. It has been in effect since May 25, 2018.
At Mobilize, we fulfill its obligations and remain transparent about community interactions, group communication and how we use data.
Does the GDPR affect everyone?
If you hold or process the data of any person in the EU, the GDPR will apply to you, whether you’re based in the EU or not.
How is Mobilize compliant with GDPR?
Our team worked hard to prepare the roadmap for the GDPR release. We completed a massive overhaul of processes and data models to make sure we’re meeting our legal obligations, and doing the best we can to protect our customers while still allowing us to move fast, scale and develop great features.
How we are ensuring that we and our customers meet the GDPR obligations:
We’ve built new features
Our teams are building the necessary features that will enable our customers to easily meet their GDPR obligations.
Mobilize can help you meet your data portability requirements for GDPR: you can easily export all of your data linked to an individual and permanently delete all data linked to an individual member.
We've also added some more features to allow you and your members to have more control over your data:
- Confirming you have member consent when adding members to your Mobilize account
- Getting member consent upon registration
- Getting member consent when members add other members to your community (assuming you allow members to directly add other members)
- Deleting a member
- Deleting content like posts and chats
- Leaving a community
- Closing my Mobilize account
We’ve created a Data Processing Agreement (DPA):
Strong data protection commitments are a key part of GDPR’s requirements. Our data processing agreement shares our privacy commitments and sets out the terms for Mobilize and our customers to meet the GDPR requirements. You can download the DPA here or you can find it in the GDPR section of our Help Center. Once you have filled it out, feel free to send it back to us at firstname.lastname@example.org.
We are certified for International Data Transfers:
The EU-US Privacy Shield is a framework negotiated and agreed upon by the European Commission and U.S. Department of Commerce as a lawful way of transferring personal data.
To comply with EU data protection laws around international data transfer, we self-certified under the E.U.-U.S. Privacy Shield framework.
We’re coordinating with our vendors
We reviewed all our vendors, understood their GDPR plans and arranged similar GDPR-ready data processing agreements with them.
We’ll also help our customers and prospective customers be compliant. Some steps you can take are:
- Get familiar with the GDPR requirements and how they affect your community.
- Map out everywhere you process data, such as listservs and Excel databases.
- Look at your community roadmap and think about privacy when you’re planning.
- Chat to your lawyer about what your community needs to do.
Feel free to reach out to us if you have any questions about GDPR.