GDPR COMPLIANCE
On the 25th May 2018, the EU General Data Protection Regulation (GDPR) comes into effect. As such, we are updating our privacy policy and terms of service to ensure we continue to comply with the highest possible standards whilst continuing to provide the same level of service.
Our Privacy Policy contains mentions of the few instances where personally-identifiable information is required. Typically this will include an email address in order to log in to a Wed Design Cafe installed instance or social network username in order to manage your account.
Overall, we aim for privacy by default: if data collection is not integral to the way our product works, then we won’t collect it. This approach has felt very much in line with the spirit of GDPR, and we’re fortunate that a lot of these data collection practices have been in place at Web Design Cafe for some time. As such, you may see a few banners or forms requesting consent for us to collect personally-identifiable information for tracking or other purposes. We don’t deem this information necessary to provide Web Design Cafe’s service to you, and we choose not to engage in activities and strategies that make this data relevant.
At any time, you may request your information to be exported and sent to you for review, and we promptly honor any requests by you to have your information deleted and forgotten.
Here is the progress on GDPR compliance:
Data Mapping
Status: Complete
We are auditing all areas of Web Design Cafe to determine what personal data we collect and for what purpose. In a case where collecting personal data is not essential, we are removing that collection process.
Privacy Policy
Status: Complete
We’re working with a legal consultant to ensure that our policy contains the proper language, that it’s easy to understand, and that it communicates clearly any instances of personal data collection.
Cookies
Status: Complete
We will add a cookie notice to all relevant pages in order to comply with the E-Privacy Directive. We do not collect personally-identifiable information with our cookies, but we do want to acknowledge the use of cookie technology on our website.
Deletion
Status: Complete
A user has the right to request that we delete all of their personal data. Users who wish to inquire about the right to be forgotten will be able to reach out to us at any time.
Access / Portability
Status: Complete
A user can request access to a copy of the personal data that we have collected. Users who wish to request portability can reach out to us at any time.
Modification
Status: Complete
In Web Design Cafe, if a user asks to change their information, we can do so upon request. If a user has a modification to make, they can reach out to us here: Get in touch
Data Protection Agreement
Status: Complete
We are creating a legal agreement that users and external parties can receive from us, promising the protection of all personally identifiable information that we collect and store.
Sub-processors
Within Section 7 of our DPA, we commit to displaying a list of all current sub-processors in use by Web Design Cafe. A sub-processor includes any third party that we share personally identifiable info with.
Here is that list:
- AWS (Amazon SMPT)
- Google Cloud
- Apple (Push)
- Google (Analytics and Push)
- Stripe
Frequently asked questions about GDPR and Web Design Cafe
Q: As a Super Administrator and license holder of a portal on Web Design Cafe, how will the GDPR affect me?
A: If you are a business with customers in the EU, the GDPR will be applicable to you when you are handling personal data of your EU customers. We advise you to consult a legal advisor to ensure you are compliant.
Q: Does the GDPR change how I can use Web Design Cafe?
A: No. Web Design Cafe’s features and functionality are unaffected by the GDPR.
Q: How does Web Design Cafe collect data—by email, electronic forms, activity tracking, etc.?
A: We primarily collect data when a user signs-up for Web Design Cafe services. Where data tracking is enabled we make sure that we do not collect any personally identifiable information.
Privacy Policy
Last updated: April 17, 2018
Our full Privacy Policy is available at the link below. A quick overview of recent changes to the policy:
- Increased clarity on what sensitive information is collected and why
- Increased clarity on the storage and duration of sensitive information
Terms of Use
Last updated: April 17, 2018
Our full Terms of Use is available at the link below. A quick overview of recent changes to the Terms of Use:
- Clarity on what types of content may be considered hate speech or threatening
- Updated process for account suspension or removal