Articles on: My Account

GDPR Compliance

The European General Data Protection Regulation (GDPR) comes into effect on 25 May 2018. This article details GDPR compliance of Kiosk Browser/Launcher Remote Management. Whilst our Privacy/Terms covers all aspects of GDPR we wanted to provide a clear document detailing the 12 points of GDPR.


For the purposes of this document SERVICE means Kiosk Browser/Launcher Remote Management. WE means the company providing the SERVICE as per point 12.


Kiosk Browser/Launcher Remote Management data is stored in the European Union, in situations where it is transferred and stored in the USA sub-processors are on the certified EU-US Privacy Shield framework.


Sub-processors:

We use a number of sub-processors all of which have confirmed their GDPR compliance or intention to be compliant by 25 May 2018. Each sub-processor is listed in our privacy policy, but for clarity we have included the current list of sub-processors.


Sub-processor: Auth0 | Office Location: USA | Purpose: Authentication

Sub-processor: SendGrid | Office Location: USA | Purpose: Email Notifications

Sub-processor: FastSpring | Location: USA | Purpose: eCommerce/Payment Provider

Sub-processor: Paddle | Location: UK | Purpose: eCommerce/Payment Provider

Sub-processor: Azure | Office Location: USA | Purpose: Hosting Provider

Sub-processor: Crisp (Chat) | Office Location: France | Purpose: Live Chat/Support Platform

Sub-processor: Google Firebase | Office Location: USA | Purpose: Cloud Messaging (Notification Service)

Sub-processor: Pushy | Office Location: Israel/USA | Purpose: Cloud Messaging (Notification Service)

Sub-processor: Headway | Office Location: Poland | Purpose: Product Changelog



1. Awareness


Our employees, responsible for infrastructure, software development and support are fully aware of the concepts and principles of GDPR.


2. Information we hold


2.1 Customer Data (our users)


  • Email address and name
  • Device Locations (when registered to remote management)
  • Payment details - held by our payment processor/eCommerce provider: FastSpring


3. Communicating privacy information


Our privacy and terms are clearly communicated on our website.


4. Individuals’ rights


  • the right to be informed; we clearly inform our customers how we use their data via our clear Privacy Policy.
  • the right of access; our customers can access all of their data through our web application.
  • the right to rectification; our customers may Contact Us with any rectification queries.
  • the right to erasure; our customers may Contact Us with any erasure queries.
  • the right to restrict processing; our customers have the right, under certain circumstances, to restrict the processing of their data. In this case, we will not process their data for any purpose other than storing it.
  • the right to data portability; our customers may Contact Us to request a copy of their data in a common format (this may a while due to the distributed nature of our systems).
  • the right to object; our customers may Contact Us with any objections.
  • the right not to be subject to automated decision-making including profiling; we don't do this and have no plans to do this.


5. Subject access requests


We reply to all access requests within 4 weeks (the legal limit from GDPR is 1 month).

All access requests are free of charge.


6. Lawful basis for processing personal data


User Content is the lawful basis for any processing.



Consent is provided by our customers when signing up for the service and logged by us.


8. Children


This service is not available to Children (under the age of 16). Our product is strictly B2B (business-to-business)


9. Data breaches


You can read more on our security here.


We will notify customers and the relevant supervisory authority within 24 hours of a breach.


10. Data Protection by Design and Data Protection Impact Assessments


Security and Data Privacy always comes first when implementing new features, our Data Protection Officer is in involved at every stage of development.


11. Data Protection Officers


For the purposes of Kiosk Browser Remote Management and related services our Data Protection Officer is:


12. International


We operate and are established in the UK (England), our supervisory authority is the ICO (Information Commisioner's Office) based in the UK.


Address: Unit 3 Castle Road, Chelston Business Park, Wellington, Somserset, TA21 9JQ United Kingdom

Company No: 5054551 (registered in England & Wales)



Companies using Kiosk Browser/Launcher Remote Management and handling European user data may need to sign a Data Processing Agreement (DPA). You can find your DPA under My Account within the Remote Management Console, including instructions on how to sign and return it.

Updated on: 13/06/2022

Was this article helpful?

Share your feedback

Cancel

Thank you!