As you’re probably aware, new personal data security regulations are being introduced in all European Union countries on 25 May 2018. The General Data Protection Regulation (GDPR) strengthens the rights of the individual over the personal data that they provide to you. The GDPR is most comprehensive such regulation yet, so if you’re doing any sort of business with anyone based out of the European Union, then you will need to to ensure you’re compliant. Failure to do so can incur a hefty penalty - up to 4% of your global revenue!
As a global market leader, with offices, development centers, and customers on three continents, including the EU, Zift Solutions places great importance on data security compliance, and features that support the need of international businesses. We have reviewed both our data processing procedures and our product features to ensure that we continue to provide the best possible service to you.
Our products support your data privacy requirements by design, and most of the requirements for GDPR compliance are already included in our Zift123 product. We’ve also added new features and processes to ensure we’re playing our part to meet GDPR compliance. These features include, but are not limited to:
- Each of our personal data capture forms across all landing pages and showcases will include a message informing the visitor how their data will be stored prior to submitting their details.
- We will provide a mechanism for individuals to request access to their personal information we have, and to also have that information removed.
- One click unsubscribe links across all of our marketing emails, making it easy for individuals to manage their consent
- ISO-27001 and SOC-2 compliant processes to ensure your data is managed as securely as possible
- Protected Personal Data - The new My Downloads section in the User Profile, protects personal data. Only logged-in, identifiable users can access data. Personal data is not going out in emails.
ZIft Marcom Application
- Partner Terms and Conditions - you can view the status of partner acceptance of the Zift123 Terms & Conditions on the Partner Details page.
- To request access to personal data for an individual, contact firstname.lastname@example.org. Users are not charged for data deletion or access requests.
- In the unlikely event of a personal data breach occurring, Zift will notify affected countries’ supervising authorities within 72 hours.
Zift123 Application Terms and Conditions
You may have noticed a change to Zift123’sTerms and Conditions for partners. No need to fear, we’ve just updated it to adhere to the upcoming European Union’s GDPR – General Data Protection Regulation – rollout, which comes into effect on May 25th, 2018.
We’ve made these changes to outline both your company’s, as well as Zift Solutions’ responsibilities and compliance obligations when it comes to maintaining the privacy and security of all customer data. The key changes are:
- Use of Data – your contacts remain the sole ownership of your company, and will not be shared with any other third party. We’ll only use your data to solely provide services to you, and only with your permission, transfer data to a third party who will provide the same services to you.
- International Data Transfer – your company is classified as the “data controller”, in which case, it’s your company’s responsibility to ensure you have the necessary permissions to store each of your contact’s information. We as a “data processor” need to ensure we maintain the security of your contact data accordingly.
Frequently Asked Questions
Q: How can my partner access and update their personal data?
A: Partners can update their partner information in Zift123 via Settings > Company Profile
Q: How can a supplier user view and update their personal data?
A: Supplier email information is stored in ZiftAdmin. To request a change, please contact email@example.com
Q: How can an agency user view and update their personal data?
A: Agencies can update their partner information in Zift123 in the same way as partners, via Settings > Company Profile
Q: How can I stop processing data related to an individual, at their request?
A: Any individual can use the unsubscribe link provided in emails. Alternatively, you can manage their subscription status. Here are links that explain how to do this.
Q: How can I view which contacts or leads have unsubscribed to marketing efforts?
A: Zift123 users can view contact and leads that have unsubscribed on the suppression list. Zift123 > Settings > Suppression List
Q: How do I add an Unsubscribe link to a Marketing Communication?
A: The links below explain how to provide an Unsubscribe Link into a “Create your own Mailing” in Zift123
Q: How can I review my partners’ consent to the Zift123 Terms and Conditions?
A: Suppliers can filter to see which partners have or have not accepted the Terms and Conditions of Use using the new filtering option, Terms and Conditions, in Advanced Filters, Partners > All Partners > Advanced Filters.
Q: How can I export the personal data relating to an marketing contact?
Q: How can I request anonymization of personal data, based on a request from an individual?
A: Any requests for anonymization of personal data will need to be made through your Zift point of contact or the Support team, firstname.lastname@example.org. When a request is received, the Support Team will activate the relevant procedure.
Q: How can I request database export at end of contract?
Partners are instructed to export their data in the shut-down messages to them. If they are unable to export their data or have questions they can contact their Zift point of contact or our Support Team for help with exporting data. Contact email@example.com if necessary. When a request is received, the Support Team will forward to the appropriate development resource.
Q: How can I request that my data be deleted?
A: Contact the Support team, firstname.lastname@example.org.When a request is received, the Support Team will forward to the appropriate development resource.
Note: Suppression lists cannot be deleted. Distributed and registered leads are considered to be shared data between the partner and supplier and will require the permission of both parties to delete the data.