PageFly - How we comply with GDPR

149 views 0

In this article, you will learn about how PageFly complies with the EU General Data Protection Regulation (GDPR). 

The EU General Data Protection Regulation (GDPR) took effect on May 2018. It sets a new standard for how companies use and protect EU citizens’ data.

For PageFly, we worked hard to prepare for GDPR, to ensure that we fulfill its obligations and maintain our transparency about customer messaging and how we use data. We’ve now completed our GDPR readiness program.

What is GDPR?

The EU General Data Protection Regulation (“GDPR”) is a comprehensive data protection law that came into effect on May 25, 2018. It replaced existing EU Data Protection law to strengthen the protection of “personal data” and the rights of the individual. It’s a single set of rules which governs the processing and monitoring of EU data.

Does it affect me?

Yes, most likely. If you are in the EU, you should be aware of this law to better protect your information and data. If you hold or process the data of any person in the EU, the GDPR will apply to you, whether you’re based in the EU or not.

How PageFly prepared for GDPR

Our teams worked hard to ensure we comply with GDPR. This was a massive overhaul of processes and data models to make sure we met our legal obligations and did the best thing for our customers. Meanwhile, it still lets us move fast and build great results.

Here are 3 main things we did to ensure we set up ourselves and our customers to meet GDPR obligations:

We give first notice

Once you install PageFly, a modal will pop up to ask for your permission to track and store your data.

Permission to track and store your data

We built new features

Essentially, our teams built the necessary features to enable our customers to easily meet their GDPR obligations.  

Also, PageFly can help you meet your data portability requirements for GDPR. You can easily export all of your data and/or permanently delete those linked to your account.

Most importantly, we leave an option for the user to opt out of data storage after uninstallation, to ensure we comply with GDPR.

Remove all related data after removal of PageFly

We updated our Privacy Policy

Strong data protection commitments are a key part of GDPR’s requirements. Our updated privacy policy shares our privacy commitments and sets out the terms for PageFly and our customers to meet GDPR requirements.

How we track data

Below is a full list of data we track:

First, standard personal information the app collects:

  • Store ID
  • Store plan
  • Name of store owner
  • Email
  • Domain (URL)
  • City
  • ZIP code
  • Country
  • Phone number
  • Payment history of the store with PageFly
  • Usage information and habit of PageFly (including but not limited to: date of installation, upgrade, uninstallation, payment and contact via Live Chat window)

Second, we collect the following types of personal information from once you have installed PageFly:

  • Web sessions inside PageFly
  • Device used
  • Browser information (type, version, language)
  • Operating system
  • Involvement in any PageFly campaign
  • Referral URL inside PageFly
  • Twitter address
  • LinkedIn address

Third, information about you and others, who may access and use PageFly on behalf of your store, including but not limited to app activities. We collect in-app behavioral activities directly from the app user, through your use of the app. They are:

  • Your name
  • Address
  • Email address
  • Phone number
  • Billing information

We collect personal information directly from the relevant individual, through your Shopify account, or using the following technologies: “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org. 

How we store data

Your data is encrypted and stored in our database. No one is allowed to access the database except for the CEO, the system admin and the lead developer.

The data stored is never distributed, promoted or used for illegal and/or personal purposes.

Questions?

Feel free to reach out to us in the Messenger if you have any questions about GDPR. We’d be happy to chat with you about it.

Was this helpful?