The GDPR (General Data Protection Regulation) is an important piece of legislation that is designed to strengthen and unify data protection laws for all individuals within the EU. The regulation will become effective and enforceable on the 25th May 2018. Our commitment: Clever Messenger is fully committed to achieving compliance with the GDPR prior to the regulation's effective date.
What is Clever Messenger doing about the GDPR? We began to dedicate internal resources to the GDPR in December 2017, 6 months before the deadline. We did this because we value our customers (and their customers) rights to privacy. Compliance with and to international law and regulations are very important to us.
A condensed version of our GDPR Roadmap:
Milestones
Descriptions
Research the areas of our product impacted by GDPR
Appoint a Data Protection Officer
Rewrite our Data Protection Agreement
Develop a strategy on how to address impacted areas
Perform the necessary changes to our product
Develop Opt-in Consent Control
Implement the required changes
Test all changes to validate compliance with GDPR
Finalize and communicate our full compliance
Overal Status of Completion:
Status
Status
Completed
Clever Messenger has also engaged with numerous outside attorneys on our approach. We felt this was and will be very important because the legislation is so new and far reaching.
What changes is Clever Messenger making to be GDPR Compliant? We are taking many steps across the entire company to ensure we will be ready for the GDPR. We're working on interfaces that will allow you to address requests from your customers related to their rights for accessing any personal data that might stored in your Clever Messenger account.
Based on the research conducted by both our inside and outside counsels we are confident these changes will address the requirements of GDPR.
What do Clever Messenger Customers need to do? There are two things that you might need to do depending on your situation and jurisdiction. Below are the only impactful changes that we can foresee that might affect you as a result of using Clever Messenger:
Make sure your Terms of Service or Privacy Policy properly communicate to your users how you are using Clever Messenger (and any other similar services) on your website or app. This requirement has always been part of Clever Messenger’s Terms of Service, but the GDPR can heavily penalize you if you’ve not done this clearly. We recommend you ensure your policies are up to date and clear to your readers.
If you are in the European Union you’ll likely want to sign a Data Processing Agreement with Clever Messenger. We’re happy to do so. We're currently working with counsels to set up this document in order to make sure we're all in compliance with GDPR and other generally acceptable privacy laws.
You can review and digitally sign a copy ofthe Data Processing Agreement here. Once you sign it, we provide you with a fully executed downloadable copy via email within 2 business days. If you have any questions about its contents simply emailsupport@clevermessenger.com.
I’m new to the GDPR and would love more details on what it is. The General Data Protection Act (GDPR) is considered to be the most significant piece of European data protection legislation to be introduced in the European Union (EU) in 20 years and will replace the the 1995 Data Protection Directive.
The GDPR regulates the processing of personal data about individuals in the European Union including its collection, storage, transfer or use. Importantly, under the GDPR, the concept of “personal data” is very broad and covers any information relating to an identified or identifiable individual (also called a “data subject”).
It gives data subjects more rights and control over their data by regulating how companies should handle and store the personal data they collect. The GDPR also raises the stakes for compliance by increasing enforcement and imposing greater fines should the provisions of the GDPR be breached.
The GDPR enhances EU individuals’ privacy rights and places significantly enhanced obligations on organizations handling data.
In summary, here are some of the key changes to come into effect with the upcoming GDPR:
Expanded rights for individuals: The GDPR provides expanded rights for individuals in the European Union by granting them, amongst other things, the right to be forgotten and the right to request a copy of any personal data stored in their regard.
Compliance obligations: The GDPR requires organizations to implement appropriate policies and security protocols, conduct privacy impact assessments, keep detailed records on data activities and enter into written agreements with vendors.
Data breach notification and security: The GDPR requires organizations to report certain data breaches to data protection authorities, and under certain circumstances, to the affected data subjects. The GDPR also places additional security requirements on organizations.
New requirements for profiling and monitoring: The GDPR places additional obligations on organizations engaged in profiling or monitoring behavior of EU individuals.
Increased Enforcement: Under the GDPR, authorities can fine organizations up to the greater of €20 million or 4% of a company’s annual global revenue, based on the seriousness of the breach and damages incurred. Also, the GDPR provides a central point of enforcement for organizations with operations in multiple EU member states by requiring companies to work with a lead supervisory authority for cross-border data protection issues.
If you are a company outside the EU, you should still be aware of this. The provisions of the GDPR apply to any organization that processes personal data of individuals in the European Union, including tracking their online activities, regardless of whether the organization has a physical presence in the EU.
We continue to add tools to Clever Messenger helping you to comply with GDPR
Disclaimer: This is Our standard template to be used in your website's Privacy Policy and designed to aid compliance with data protection legislation. As many local and jurisdictional regulations are emerging on a regular basis, the information contained in the template may not reflect the most current legal developments in your jurisdictions. Only qualified and dedicated legal expertise can guarantee that your privacy policy is compliant with the laws applicable. If you are not sure about any legal questions, or have any questions or doubts about our template you should consult with a lawyer or law firm specialized in digital communications law. If the local laws of your jurisdictions require a website privacy policy to contain further information feel free to contact us.
------- START TEMPLATE -------
We use Clever Messenger ("CM") in order to better communicate with Our Users, to optimize Our Service and to provide Our Users' an amazing experience. CM is a service that allows Us to build Chatbots for Messenger. By using CM, We integrated the Messenger API. Basically, CM gives it’s Us the ability to build chatbots on Messenger. In essence, a chatbot in this case is an enhancement to a Facebook™‘s page replying abilities, that allows a Facebook™ page to automatically process and send messages without the need to a manual intervention. To get a detailed understanding of what CM and Messenger chatbots are, We suggest navigating to Their public Knowledge Base ("https://docs.clevermessenger.com/"). CM uses cookies and other technologies to collect data on our users’ behavior and their devices. You can find full list of what is being collected in Their Cookie Policy ("https://clevermessenger.com/cookie-policy/"). Neither CM nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see CM’s Privacy Policy by clicking on this link ("https://clevermessenger.com/privacy-policy/").
------- END TEMPLATE -------
If you are customer of Clever Messenger you'll likely want to sign a Data Processing Agreement.
Enabling "double opt-in" is a practice that may help you comply with the affirmative consent requirements of the GDPR.
To do this in Clever Messenger:
Create a Flow that asks for your subscriber's explicit consent to receive further communications.
This can be as easy as a Message with a Quick Reply (a Yes and No will suffice)
Add a Tag to the Quick Replies in order to generate proof of, giving or withdrawal, consent.
Under the GDPR, subscribers have the right to data portability and right of access to their data. Exporting subscriber data can help you comply with these request.
Under the GDPR, subscribers have the right to request deletion of their data. Familiarising yourself with how to delete subscriber information may help you comply with such requests.
The contents of this page are for informational purposes only, and do not contain any legal advice. To understand the implications of the GDPR on your organization, we recommend you seek legal counsel from a legal professional.
