GDPR Compliance Checkpoints Are Listed Below.
Below is a checklist of the steps we’ve taken to be GDPR compliant. We’ve also included related tasks such as additional security measures:
✓ Research and compliance documentation, including hard copies detailing steps taken for compliance.
✓ The right of access/right to rectification of personal data (via the Hub).
✓ The right to erasure (also known as the ‘right to be forgotten’) policy and functionality across our services, in our billing system, webmail client, control panels and client portal, and blog comments where applicable.
✓ Data retention policy automation so that unneeded personal data is automatically deleted from our billing system and client portal (if not requested by the individual before that point).
✓ SSL certificate installed on Small Business Tools Host website and all subdomains.
✓ Proof of express consent for email marketing via double opt-in.
✓ Customers are able to request a report of the data we hold about them.
✓ Changes to consent for email preferences automatically logged.
✓ Servers in the EUA.
✓ PCI-compliant datacenter.
✓ Personal data only stored and processed in the EEA and/or with EU-US Privacy Shield compliant companies.
✓ Client personal data secured online in our closed and protected billing & customer management system.
✓ Web Application Firewall.
✓ Updated privacy policy to be GDPR compliant.
✓ GDPR compliant cookie policy.
✓ GDPR compliant cookie controls.
✓ Anonymized IP addresses in Google Analytics.
✓ Opt-in on comments to obtain consent to retain data.
Further information can be found in our Privacy Policy and Terms and Conditions.