As an EU-based company, we're following GDPR guidelines strictly. Your data is treated with care and is only used for your team, to give you the tools to understand your users better.
What is GDPR?
The EU General Data Protection Regulation, or GDPR, is a new law by the EU that ensures the protection of "personal data" of citizens and the rights of the individual. The law is effective from May 25, 2018.
Does it affect me?
Probably. GDPR is applicable to any organization that holds or processes data from individuals in the EU.
Is Shipright GDPR-ready?
Yes, we've taken various measures and have planned others to ensure that Shipright follows GDPR recommendations.
Processes & risk analysis
In our product development processes we incorporate regular reviews on privacy and security. We've analysed & documented risks and potential breach impact. Next to that, we're updating policies on how to cope with data that is outdated or belonging to users that stop using the product. Also, we've made sure that any third party or subcontractor we work with, is fully GDPR-compliant as well.
We also have a roadmap with changes to ensure we maintain and improve compatibility with GDPR guidelines over time:
Product changes in Shipright
Shipright deals with feedback from end-users or other people, and therefore may include "personal data", in GDPR lingo. To ensure that you, being a data processor, can fully comply with GDPR, we've taken some measures. For instance, it's possible to permanently delete documents and data that may include sensitive information. Also, we've added messaging preferences and clear cues on how to unsubscribe from mailings. You can remove or update information about your end-users by removing or updating them from the "About section" on top of opened documents in the Dock.
Next to this, we're making sure in short term that you can permanently delete user accounts from colleagues that for instance move to another company. It's already possible to deactivate these accounts, but the names will remain visible inside Shipright. Also, we're planning to support easy ways to export data in Shipright using in-app functionality. In the meanwhile, you can request a data export by contacting us.
Where do you store my data?
Your information is stored on servers at Google Cloud and Amazon Web Services. These are ISO-certified providers with very high-standard security practices. We host data, including encrypted backups, solely within EU availability zones.
Want to get certain data erased?
By default, we keep a backup of your workspace up till 6 months after cancellation of your subscription or end of trial. This is to ensure that you can resume your work after some time of being inactive. Upon request, we can erase your data directly.
Questions & Data Protection Officer
An overview of frequently asked questions on security & privacy can be found at https://www.shipright.co/security-privacy.
If you have any other questions or doubts about GDPR aspects, please reach out to us using chat (bottom right) or email Lennart, our Data Protection Officer.