Data Transparency / GDPR FAQ’s
What is GDPR?
The General Data Protection Regulation (GDPR) is designed to provide privacy and protect the personal data of all EU residents. Individuals now have a greater say over how their personal data is collected, used, stored and disposed of – and all businesses have a legal responsibility to ensure they comply. This applies to all organisations, irrespective of location, even beyond the borders of the EU, when working with EU residents' personal data in any manner. It replaces the Data Protection Directive (DPD) and The UK Data Protection Act 1998.
What is personal data?
Personal data is information that relates to you as a person or you as a ‘data subject’- this could be direct or indirect information that relates to you. Examples of which are names, photos, email addresses, computer IP addresses etc.
Who has the right to work with personal data?
Either a ‘Controller’ or a ‘Processor’
A ‘Controller’ determines the conditions , purposes and means of processing personal data- regardless of whether they collected the data from a data subject directly or indirectly.
A ‘Processor’ is an entity that processes the personal data under the instruction of the controller.
What is Clarity Stack?
We are both Processor and Controller - Data (eg email addresses) is provided to us either via signup or requests. Any action we take on a customer's personal data we do as a processor.
We control some of our data in the service we provide and it’s use.
Consent is not required for the processing of personal data - But GDPR states there must be a lawful reason for it - The law provides six legal bases for processing: consent, performance of a contract, a legitimate interest, a vital interest, a legal requirement, and a public interest.
As ClarityStack is both Processor and Controller Our processors (including our data suppliers) are GDPR compliant and We have a legal basis for the processing for each type of data. That legal basis varies, and depends on the data considered. We have also put particular value on the rights of the data subjects.We have processes in place for reporting errors in data, data subject access requests and the right to erasure.
Can I use the contact information ClarityStack has supplied?
Yes -You can email corporate email address, in the UK. While GDPR standardised the storing and processing of data, it does not have any impact of whether you can email a corporate email address.
The details you have for my company are wrong
If this is the case - please do let us know - by clicking the ‘Let us know’ button at the bottom of your company overview page.
Please can you remove my details?
Of course we can here - or by either clicking the ‘Let us know’ button at the bottom of your company overview page, or emailing firstname.lastname@example.org