On May 25th, 2018, the European Union introduced new personal data security regulations. The General Data Protection Regulation (GDPR) ) strengthens the rights of the individual over the personal data that they provide to you. The GDPR is the most comprehensive such regulation yet, if you’re doing any sort of business with anyone based out of the European Union, then you will need to ensure you’re compliant. Failure to do so can incur a hefty penalty - up to 4% of your global revenue!
As a global market leader, with offices, development centers, and customers on three continents, including the EU, Zift Solutions places great importance on data security compliance, and features that support the need of international businesses. We have reviewed both our data processing procedures and our product features to ensure that we continue to provide the best possible service to you.
Our products support your data privacy requirements by design, and most of the requirements for GDPR compliance are already included in our ZiftONE product. We’ve also added new features and processes to ensure we’re playing our part to meet GDPR compliance.
ZiftONE GDPR Compliance Features
- Each of our personal data capture forms across all landing pages and showcases will include a message informing the visitor how their data will be stored prior to submitting their details.
- Right to be Forgotten - Individuals (contacts) can request that their personal information be anonymized using Control My Data. After providing their email address, individuals will have the option to either anonymize the information or unsubscribe from being contacted.
- One-click unsubscribe links across all of our marketing emails, making it easy for individuals to manage their consent.
- ISO-27001 and SOC-2 compliant processes to ensure your data is managed as securely as possible.
- Protected Personal Data - The My Downloads section in the User Profile protects personal data. Only logged-in, identifiable users can access data. Personal data is not going out in emails. For information, see Where can I find my exported reports? in the ZiftONE Academy.
- Partner Terms and Conditions - you can view the status of partner acceptance of the ZiftONE Terms & Conditions on the Partner Details page.
- To request access to personal data for an individual, contact your designated partner support representative. Users are not charged for data deletion or access requests. The export or deletion of your data may take up to 30 days.
- In the unlikely event of a personal data breach occurring, Zift will notify affected countries’ supervising authorities within 72 hours.
ZiftONE Application Terms and Conditions
You may have noticed a change to ZiftONE’s Terms and Conditions for partners. No need to fear, we’ve just updated it to adhere to the upcoming European Union’s GDPR – General Data Protection Regulation – rollout, which comes into effect on May 25th, 2018.
We’ve made these changes to outline both your company’s, as well as Zift Solutions’ responsibilities and compliance obligations when it comes to maintaining the privacy and security of all customer data. The key changes are:
2019
- Updated: Additional Terms Applicable to Personal Data Subject to GDPR, Role of Parties section - Company shall process personal data in compliance with all laws applicable to it as a Processor of Personal Data, including GDPR and the e-Privacy Directive or its successor regulation.
- Updated: Additional Terms Applicable to Personal Data Subject to GDPR, Processing Scope and Duration section - ...analytics information, such as cookie IDs, internet usage, and engagement with communications;...
- IASME Consortium Certificate of Assurance
2018
- Use of Data – your contacts remain the sole ownership of your company, and will not be shared with any other third party. We’ll only use your data to solely provide services to you, and only with your permission, transfer data to a third party who will provide the same services to you.
- International Data Transfer – your company is classified as the “data controller”, in which case, it’s your company’s responsibility to ensure you have the necessary permissions to store each of your contact’s information. We as a “data processor” need to ensure we maintain the security of your contact data accordingly.
The changes noted above are just the highlights. Be sure to review the full Terms and Conditions here to make sure you understand it. You can request electronically signed copies of the Zift Terms and Conditions for your records by submitting this request form.
Privacy Policy
You may have noticed a change to Zift’s Privacy Policy. Here is a summary of the changes.
February 2020
- Updated: Individuals can request that their personal information be anonymized using Control My Data. After providing their email address, individuals will have the option to either anonymize the information or unsubscribe from being contacted.
January 2019
-
Updated: Additional Terms Applicable to Personal Identification.
Zift follows Privacy Shield compliant processes to ensure your data is managed as securely as possible. Our Privacy Policy is available for review.
You may stop communications using the opt-out feature included in the messages and prevent the storage of cookies using browser settings.
Questions? Contact your designated partner support representative.
Frequently Asked Questions (FAQs)
Q: How can I stop processing data related to an individual, at their request?
A: Partners can update their partner information in ZiftONE through the company profile settings.
Q: How can a supplier user view and update their personal data?
A: To request a change, please contact your designated partner support representative.
Q: How can I review my partners’ consent to the ZiftONE Terms and Conditions?
A: Suppliers can see which partners have accepted the ZiftONE terms of service by opening Partner Management > All Partners and opening the advanced filters at the bottom of the left panel. Set the Terms of Service / Accepted filter to Yes and click Apply to see which partners have accepted the Terms and Conditions.
Q: How can I request the anonymization of personal data, based on a request from an individual?
A: Any requests for anonymization of a contact's personal data can be made by clicking Control My Data and providing the individual's email information. You will be prompted to select anonymize the information or unsubscribe from being contacted by suppliers.
Q: How can I request database export at the end of the contract?
A: Partners are instructed to export their data in the shut-down messages to them. If they are unable to export their data or have questions they can contact their Zift point of contact for help with exporting data. The Support Team will forward to the appropriate resource.
Q: How can I request that my data be deleted?
A: Contact your designated partner support representative. When a request is received, the Support Team will forward to the appropriate resource.
Note: Distributed and registered leads are considered to be shared data between the partner and supplier and will require the permission of both parties to delete the data.
Comments
Please sign in to leave a comment.