GDPR
Last Updated: 04/25/2022
The purpose of this document is to address relevant topics and questions linked to GDPR and how it influences Cloaker Shield's customers.
It's given in an understandable FAQ format and references relevant documents.
What is the GDPR?
Passed in 2016, the new General Data Protection Regulation (GDPR) is the single most significant legislative change in EU data protection laws that replaced the 1995 EU Data Protection Directive on May 25th, 2018. It seeks to strengthen the security and protection of personal data in the EU and serve as a single piece of legislation for all of the EU.
Data protection laws govern the way that businesses collect, use, and share personal data about individuals. Among other things, they require businesses to process an individual's personal data fairly and lawfully, allow individuals to exercise legal rights in respect of their personal data (for example, to access, correct or delete their personal data), and ensure appropriate security protections are put in place to protect the personal data they process.
Cloaker Shield supports the GDPR principles of protecting the fundamental right of privacy for European citizens.
Who does the GDPR apply to?
The GDPR applies to all entities and individuals based in the EU and to entities and individuals, whether or not based in the EU, that process the personal data of EU individuals. The GDPR defines personal data as any information relating to an identified or identifiable natural person. This is a broad definition, and includes data that is obviously personal (such as an individual's name or contact details) as well as data that can be used to identify an individual indirectly (such as an individual's IP address - when it can be related to a person).
What is Cloaker Shield's role under GDPR?
Cloaker Shield acts as a data processor under the GDPR. In a nutshell, Cloaker Shield's customers own the data and Cloaker Shield processes it on their behalf.
What personal data does Cloaker Shield collect from its customers?
Cloaker Shield stores data that customers have given voluntarily. For example, Cloaker Shield may collect and store contact information, such as name, email address, phone number, or physical address when customers sign up for click fraud protection services or seek support help. Cloaker Shield may also collect other identifying information from its customers, such as IP address.
What other personal data does Cloaker Shield collect?
As a data processor, Cloaker Shield collects and stores data on persons and bots that visit Cloaker Shield's customers' websites, including:
Our platform does not collect any data that by itself identifies an individual, such as a name, address, phone number, email address. We also do not collect any "sensitive" or "special categories of personal data" as defined under the European data protection laws, as well as personal data of children as defined in Applicable laws.
What is Cloaker Shield's Data Processing Agreement (DPA)?
Customers that handle EU personal data are required to comply with the privacy and security requirements under the GDPR. As part of this, they must ensure that the vendors they use to process EU personal data also have privacy and security protections in place. Cloaker Shield's Data Processing Agreement outlines the privacy and security protections in place at Cloaker Shield.
Are customers required to sign/accept Cloaker Shield's DPA?
In order to use Cloaker Shield services, customers need to accept the DPA, which is provided with a link on our website: Data Processing Agreement. By agreeing to Cloaker Shield's Terms of Service, customers are automatically accepting the DPA and do not need to sign a separate document.
Can customers share Cloaker Shield's DPA with their customers?
Yes. DPA is a publicly available document, and customers who wish to share it with their customers to confirm Cloaker Shield's security measures and other relevant terms may freely do so.
Does Cloaker Shield store data outside the EU?
The GDPR replicates the Data Protection Directive restrictions on transferring data outside the EU and prohibits the export of personal data outside of the EU to non-EU recipients unless the export meets certain criteria. Cloaker Shield provides a level of protection of privacy that complies with the EU rules. To confirm this, Cloaker Shield will certify the company under the Privacy Shield.
How does Cloaker Shield handle delete instructions from customers?
Data collected by Cloaker Shield as a data processor is periodically removed, based on the "Data Retention" section of our Terms of Service. If the right to erasure applies, customers have the ability to remove or delete personal information they have shared with Cloaker Shield by making an explicit request. Likewise, customers may deactivate their account and request that all personal data Cloaker Shield has collected and stored is deleted.
"To prevent fraudulent removal requests," we may need to further verify the identity of a person making the request, including, but not limited to, document verification.
How can a customer view and download content from Cloaker Shield services?
Customers can obtain by written request.