EasySuite CRM GDPR Compliance

We’re committed to helping our customers prepare for the General Data Protection Regulation (GDPR). The GDPR is a series of rules governing organizations that handle EU citizens’ personal data, regardless of where the organizations themselves are located.

Here we’ll explain our methods and plans to achieve GDPR compliance, both for ourselves and for our customers. GDPR will go into effect on May 25, 2018.

Our team has made EasySuite CRM offerings and contractual commitments in line with GDPR so our customers can have the tools necessary to stay GDPR compliant.

Measures to achieve have included:

-Encrypting our database to be specifically compliant to GDPR

-Saving the consent we take from our users individually and how we encrypt it

-Allow our users to enable GDPR consent for their registration pages

-Show consent form to users while registering for a webinar

-Save consent for each attendee

-Committing to our Privacy Shield, and by implementing our Data Processing Addendum

We’ll also continue to monitor the guidance around GDPR compliance from privacy-related regulatory bodies, and will adjust our plans accordingly should the situation change.
(More on this can be found in our Privacy Shield)

Your Responsibility Under GDPR

If you are an EasySuite CRM User, then that probably means you are a business owner, using the EasySuite CRM software to sell goods and services to your customers. With respect to the customer data that you provide to EasySuite CRM, EasySuite CRM is a data processor and will comply with its obligations under the GDPR; but with respect to your customers, you are probably a data controller, and if any of your customers is a citizen or a resident of a country in the European Union, then you must ensure that you comply with your obligations as a data controller under the GDPR; namely, you must ensure that you afford Your Customers the rights identified in section (a) above. EasySuite CRM sells software; it does not provide legal advice or legal services, nor does it sell a “done-for-you” GDPR compliance package. Please consult legal counsel of your own choosing for advice on what you need to do to comply with GDPR.

EU-U.S. Privacy Shield

We store data inside the U.S as part of our network is based on Amazon AWS infrastructure. As such, we have a signed Data Processing Addendum (including Model Clauses) with AWS which covers transfer of data from within the European Union to the US.

For personal information that we receive from the European Union, we commit to the principles of the EU-U.S Privacy Shield regarding the collection, use, and retention of personal information from the EU countries. We will adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, and Data Integrity & Purpose Limitation when processing personal information from the EU in the U.S.

Residents of the European Union who believe that their information has not been processed in compliance with the principles of the Privacy Shield may raise their complaint in the following ways:

(1) You can contact us directly using the contact details provided below and we will respond to your complaint within 45 days of receipt:

Email Address: support@EasySuite.com

For more in-depth information on our privacy policy/shield, you can go here.

Our security infrastructure

Protecting our customers’ information and their users’ privacy is extremely important to us. As a cloud-based company entrusted with some of our customers’ most valuable data, we’ve set high standards for security. In accordance with GDPR requirements around security incident notifications, EasySuite CRM will continue to meet its obligations and offer contractual assurances.Updated May 20th, 2018