The General Data Protection Regulation ("GDPR") will be enforced starting May 25, 2018, and RepairShopr is committed to being compliant and providing our clients with the tools they need to also be compliant.
This page is about how RepairShopr is compliant in our relationship with you (our users). If you are looking for information on how we help you be compliant with your Customers, please visit this page: GDPR - Your Business and Your Customers
GDPR can be broken down into some primary categories:
- Specific and Unbundled Consent
- Data Portability
- Right to Erasure (aka Right to be Forgotten)
- Breach Notification Policy
- Supporting Documentation
Specific and Unbundled Consent
We are careful to respect your desire to be marketed to or not. If you feel you are receiving marketing communication that you did not consent to, please contact us so we can address it immediately. There is a link to the right of this page - "Contact support."
We make it easy to download a portable copy of your data. Just email us and we'll send you a copy electronically. There is a link to the right of this page - "Contact support."
Right to Erasure
We accommodate your right to erasure via a support ticket. Please contact us and we will take care of it! There is a link to the right of this page - "Contact support."
Breach Notification Policy
Our policy is that we will notify you within 72 hours of discovering a breach.
Subprocessors and Subcontractors
What is a Subprocessor? A subprocessor is a third party data processor engaged by RepairShopr, who has or potentially will have access to or process Service Data (which may contain Personal Data). RepairShopr engages different types of subprocessors to perform various functions as explained below. RepairShopr refers to third parties that do not have access to or process Service Data but who are otherwise used to provide the Services as “subcontractors” and not subprocessors.
RepairShopr only stores your data with the Privacy Shield covered entities below. See links for reference.
- Amazon Web Services, Inc. - Cloud Service Provider - privacy shield
- Heroku - Cloud Service Provider - privacy shield
- Twilio, Inc. - SMS communications - privacy shield
- Mixpanel - Analytics - privacy shield
- U.S. Department of Commerce Privacy Shield Website: https://www.privacyshield.gov/welcome.
- Directive 95/46/EC: http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=LEGISSUM:l14012.
- General Data Protection Regulation (GDPR): http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32016R0679.
- The International Association of Privacy Professionals: https://iapp.org.
- United Kingdom Information Commissioner’s Office’s “Preparing for the GDPR”: https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf.