We will be making some updates to our Privacy Policy, which will be effective from May 25, 2018. These changes will reflect the increased transparency requirements of the EU General Data Protection Regulation (known as the ‘GDPR’). It is our goal to be as transparent as possible with our members about the personal data we collect to provide services.
We want to provide you with clear and straightforward information about the personal data we collect and use and how we protect your data in our Privacy Policy. Today we are merely announcing updates to the Privacy Policy by adding more simple information regarding Personal Data Protection Policy, Privacy Notice, and Data Retention Policy– which clarify and provide additional information about:
- The basic principles by which we process your data;
- What data do we need, the reason why we need it, what do we do it, how long do we keep the data, and what your rights are and how to exercise them.
- The legal bases we rely on to process your data.
What is new?
We are providing additional information and resources to help you understand and control the personal data you share with us:
- Personal Data Protection Policy -We have provided updated information in the Personal Data Protection Policy page. These are fundamental principles by which we process the personal data of consumers, customers, suppliers, business partners, employees and other individuals, and indicates the responsibilities of its business departments and employees while processing personal data.
- Privacy Notice – We want to make sure that you are aware on how we process your data. The update includes a list of information that answers the most common questions- what data do we need, why we need it, what we do with it, how long we keep it, and your rights to your data.
- Data Retention Policy – This policy sets the required retention periods for specified categories of personal data and sets out the minimum standards to be applied when destroying specific information within Crystal Commerce.
- Guide on How to become GDPR compliant by using Cookie Consent – If your website uses multiple marketing tags like AdWords conversion tracking, Facebook pixel, or Hotjar- it is needed for your site to be GDPR compliant. We wrote this article to guide you on how to become GDPR compliant by using cookie consent on your website.
- Steps to GDPR Compliance with Google Analytics – Under the GDPR, if you use Google Analytics on your website, then Google is your Data Processor. We wrote simple steps on how to be GDPR compliant with Google Analytics.
What has not changed?
What has not changed is CrystalCommerce’s ongoing commitment to ensuring our members’ privacy of data. We always want to remind you that you have 100% control over the personal data that you share with CrystalCommerce. Your privacy and security are critical to us.
Common questions:
Do I need to comply with the GDPR privacy law?
If you collect, change, transmit, erase, or otherwise use or store the personal data of EU citizens, you’ll need to comply with the GDPR privacy law. You should consult with legal and other professional counsel regarding the full scope of your compliance obligations.
I am aware that my website uses Google Analytics, what is my next step?
Under the GDPR, if you use Google Analytics on your website, then Google is your Data Processor. We wrote simple steps on how to be GDPR compliant with Google Analytics.
My website does not use Google Analytics, do I still need to comply with the GDPR privacy law?
If you collect, change, transmit, erase, or otherwise use or store the personal data of EU citizens, you’ll still need to comply with the GDPR privacy law.
Is there a feature in the Admin that I can use for my website to be GDPR compliant?
We are working on a feature in the admin that will allow you to enable a customized notification(s) to your website. We will keep you updated regarding this update.
