Nutcache is committed to protecting and safe guarding your personal data, which is why we have taken all the required measures to protect the fundamental right to privacy and the protection of personal data for people affected by the new European data protection law, known as the General Data Protection Regulation (GDPR).
What is the GDPR?
The EU General Data Protection Regulation (GDPR) is a new privacy regulation replacing the 1995 EU Data Protection Directive. It was designed to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.
The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. In order to comply with this new regulation, each business who collects data from EU citizens must:
- Implement a process to respond to DSR (Data Subject Rights) requests such as exporting or deleting customer data.
- Ensure there is appropriate data security in place to prevent unauthorized access to customer data (“Data protection by design and by default”).
- Change their sign-up process to ensure all registrants give explicit consent to collect their data.
The GDPR will come into effect on May 25, 2018.
How is Nutcache affected by this regulation?
According to article 3 of the GDPR (Territorial scope), the regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to: (a) the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union; or (b) the monitoring of their behaviour as far as their behaviour takes place within the Union.
What type of information does Nutcache collect?
From our website
Nutcache collects a variety of information that you provide directly to us, including personal and financial info gathered via:
- The product subscription process
- The contact form
- The live chat
- Document downloads (white papers, ebooks)
- The newsletter registration
In addition to the information you provide, Nutcache may also collect information during your visit to our website through the use of a variety of technologies, including cookies and similar tools, to assist in collecting this information. These tools collect certain standard information that may include your web request, Internet Protocol (“IP”) address, browser type and settings, date and time stamp information and other such information.
From analytics tools
From social medias
We use social media widgets on our website to engage with our visitors who may post links to third party websites. However, these websites have their own privacy policies and Nutcache does not accept any responsibility or liability for their policies. You should also adjust privacy settings on your account on any third-party website to match your preferences.
From online advertising
Third parties or affiliates may administer Nutcache banner advertising programs and other online marketing activities. For example, a third-party provider may use the fact that you visited the Nutcache website to target online ads for Nutcache services to you on non-Nutcache websites.
How we use your information
The information we collect helps us understand how our website is being used in order to improve its quality and make it more useful for our visitors. We use the information we collect to keep our users informed about our products and services, to provide them with the required support, but also to offer effective customer service and respond to various demands. The information collected can also be used to perform analysis, research and reports regarding use of our application and ultimately to understand and resolve application crashes and other issues being reported.
How does Nutcache comply with GDPR?
As a data controller processing personal data, we are governed by the provisions of the GDPR. In this regard, we are subject to obligations and must abide by them. In view of its situation, we took the required measures to fully comply with the GDPR regulations by May 25, 2018.
How we protect your information
We encrypt web connections to both our website and application (d
to protect data transmissions and use industry-standard OTP technology to further secure access to our corporate infrastructure.
Personnal data from our customers is stored on our secured servers hosted by OVH infrastructure, which is bound by the GDPR regulations in its capacity as a processor and as a data controller.
As for data handling, we use the same 256-bit SSL encryption and physical security that banks use, which helps prevent account theft. Customer credit card information is stored and secured at Stripe, the payment gateway used by Nutcache for managing customer subscription payments. The confidentiality and security measure pertaining to those personal information are governed exclusively by Stripe.
In addition, our practices are monitored and verified by Trust Guard and GoDaddy, two world leaders in security, ensuring that your data is safe and accessible only by you.
Consistent with the federal Children’s Online Privacy Protection Act, if we become aware that we have collected personal information from children under the age of 13, we will take reasonable steps to delete it as soon as practicable.
Nutcache account owners and admins can easily access and manage the personal information of their team members. More specifically, owners and admins can update, modify, export and delete user’s personal information from within the application.
Data storage time
We will retain your data even after you unsubscribe to our Services and use your information to facilitate your account reactivation, and if necessary to comply with our legal obligations, resolve disputes and enforce our commitments. Should you wish to obtain the total deletion of your data, please make the request by contacting [email protected]. Your data will be deleted within 60 days following your request.
Being in line with GDPR requirements is part of our ongoing effort to protect your fundamental right to privacy and the protection of your personal data.