At CNL Software, we take privacy seriously and we are committed to continuing to comply with data protection laws. General Data Protection Regulation (GDPR) is coming in May 2018. Here’s how we’re getting CNL Software ready.
What is the GDPR?
The GDPR is a European Union regulation that establishes a new framework for handling and protecting the personal data of EU-based residents. It comes into effect on May 25, 2018. Personal data plays a huge part in society and the economy. It is essential that people have — and know they have — control and clarity over how their data is used and protected by any organisation they interact with, and that organisations are given clear guidelines to protect their personal data.
One of the aims of the GDPR is to harmonise and bring data privacy laws across Europe up to speed with the rapid technological change in the past two decades. It builds upon the current legal framework in the European Union, including the EU Data Protection Directive in existence since 1995.
GDPR is an opportunity to build a stronger data protection foundation for the benefit of all. CNL Software is committed to ensuring that our platform is GDPR-compliant when the regulation becomes enforceable on May 25, 2018.
How will CNL Software comply with the GDPR?
Trust is the foundation of our relationship with thousands of people and businesses around the world. We value the confidence you’ve put in us and take the responsibility of protecting your information seriously. CNL Software’s experts have carefully analysed the GDPR and are undertaking the necessary steps to ensure that we comply. CNL Software’s CEO has personally overseen Legal, Privacy and Compliance Teams preparing the company for GDPR. We will meet the requirements of the GDPR by 25 May 2018.
CNL Software is committed to transparency, control and accountability.
- Transparency: Our Data Policy will remain the single consolidated place that maps out the ways in which we use data and process people’s personal information.
- Control: Privacy by design means that organisations handling personal data need to think about data protection when designing systems, not just review privacy implications after a product or process is developed. If you process a lot of data or deal with sensitive information, in many cases you’ll also need to conduct data protection impact assessments to meet the privacy by design principle.
- Accountability: We are accountable for our privacy practices, which includes updating our existing compliance program to ensure that we are adequately documenting our GDPR review and compliance.
- With our current measures and continual improvements, we believe we are well placed to provide appropriate security measures for your data and earn your trust. We use several systems to help support you and keep you informed about our product, our activities and our services.
When you submit a support question we collect your first name and last name (only when provided) and your email address so that we can correspond with you.
When you subscribe to our newsletter we collect your name (only when provided) and your email address so that we can correspond with you. Your personal data will not only be stored in the website’s database but also in Wizemail, the application we use to send our newsletters. When you submit a request for a new add-on we store your email address so that we can keep you updated about your request.
We use Wizemail for our newsletter campaigns. Wizemail is leading email delivery platform and is GDPR compliant. They have a campaign builder that makes it easy to create email templates. In Wizemail we only store your email address and when provide your name.