WooRank and the GDPR
As a data controller, WooRank takes its responsibility under the GDPR seriously for all of our users. We’ve been working hard for the past few months on putting in place the foundations to ensure full GDPR compliance.
What is the GDPR?
The EU General Data Protection Regulation (GDPR) is the new legal framework governing the use of personal data for EU residents. It is the most significant change to privacy law in over 20 years and completely replaces the current national data protection laws and EU-wide protection framework.
The GDPR is designed to give consumers more access and control over their personal data and applies across the EU.
As a Belgium-headquartered company, WooRank is primarily following the advice of the Commission for the Protection of Privacy to ensure it is meeting its obligations under the GDPR.
WooRank is working to ensure all relevant team members are aware of the GDPR and that appropriate training is provided.
The GDPR requires organizations to maintain records of all data processing activities and the legal basis for processing such data. WooRank is currently preparing a full data audit and the legal basis for processing.
WooRank is reviewing its current privacy notices in order to ensure any necessary changes are in place prior to 25 May 2018.
WooRank will provide all customers and consumers with the following rights:
- Right to be informed
- Right of access
- Right of rectification
- Right to erasure
- Right to restrict processing
- Right to data portability
- Right to object
- Right not to be subject to automated decision making and profiling
Under the right of portability, WooRank will provide information in a commonly used readable form.
Subject Access Requests
WooRank will work to be fully compliant in handling subject access requests within the required one month from receipt as defined by the GDPR. The appropriate policies and procedures are currently being put in place.
Lawful basis for processing personal data
Businesses require a legal basis for the processing of personal data. This basis involves balancing the legitimate interests of WooRank (marketing, for example) with the right to privacy of the individual. WooRank will determine these as part of the full audit being carried out.
Consent plays a key role in the GDPR and WooRank has updated our user journeys to ensure the correct and appropriate consent is given by subscribers and customers to each type of WooRank communication.
WooRank has in place the appropriate policies and escalation procedures in the event of a personal data breach.
Data Protection by Design
WooRank has ensured, and will continue to ensure, that all product and system development has privacy by design built into the process. Privacy and security are at the core of WooRank’s development philosophy.
Data Protection Officer
WooRank has appointed a data protection officer.
WooRank has identified Belgium’s Commission for the Protection of Privacy as its lead supervisory authority.