The General Data Protection Regulation (GDPR) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU.
ProWritingAid and GDPR (in 12 points)
The GDPR regulation can be reduced to 12 important points. For each point, we explain how ProWritingAid handles its compliance.
All third-party providers have been verified as GDPR-compliant (Azure, Stripe, SendGrid, PayPal, Google, HotJar, Oribi, ShareASale).
All ProWritingAid data is held on servers hosted outside of the EU in the USA.
All key people responsible for software development & infrastructure maintenance of Orpheus Technology Limited (the owner company for ProWritingAid) are fully aware of the GDPR requirements.
2. Information we hold
- Name, email, profile picture - When you register for ProWritingAid we will ask for your email. Through your profile settings you may additionally provide a user name and profile picture. If you login using a social network (Facebook, LinkedIn or Bitbucket), we may ask permission to access basic information from that account, such as your name, email address and profile picture. You can stop sharing information with us at any time using the social network settings to disable access.
- User Content - This includes documents or any other content provided by you while using our website or apps.
- IP Address - For determining the location of the customer – place of supply – as required by European Union (EU) VAT B2C rules on broadcasting, telecommunications and e-services.
- Logging - It is very common for websites to record diagnostic data in log files. This log data may include the IP address, date, time, browser information and cookie data.
- Website Usage - To help understand and improve the performance of our service, we collect statistics such as how many users visit a page on our website or how many times a link was clicked.
3. Communicating privacy information
4. Individuals’ rights
ProWritingAid users’ rights regarding GDPR are covered including:
- To be informed: we clearly inform our users about the collection and use of their personal data.
- Access: our users can access all their data, without restriction, from the ProWritingAid apps.
- Request a report of the personal data by using our contact page.
- Correct or delete your personal data using from our account settings page. If you have any problems with this let us know via the contact page.
- Object to the processing your personal data. You can request that we stop processing your personal data (including to send marketing emails). Marketing emails are only sent to users in the EU if we have consent to do so. You can unsubscribe from marketing emails at any time by clicking the “unsubscribe” link found in our emails or by changing your account settings.
- Complain to your supervisory authority. You also have the right to lodge a complaint with the supervisory authority of your country or EU member state about ProWritingAid’s use of your personal data.
- Right to data portability: our users may contact us anytime if they wish to get an export of their data
- Right not to be subject to automated decision-making including profiling: we don't do that
5. Subject access requests
ProWritingAid replies to all access requests in under 1 week (limit for GDPR is 1 Month).
6. Lawful basis for processing personal data
ProWritingAid stores user data involving a consent.
Consent is provided by our users explicitly when proceeding an action or task (eg. when they provide user data).
Our privacy information is written in a language that children will understand. We do not knowingly collect any information from anyone under 13 years of age. If we believe that personal information has been collected from a child younger than 13 years of age, we will remove it.
9. Data breaches
We constantly monitor for any unauthorized access to our systems. Our systems are designed to be as secure as possible and we have had no major security issues.
Users and security researchers can submit security reports via this link.
ProWritingAid will notify users of any data breach 24hrs maximum after it has been reported and fixed.
10. Data Protection by Design and Data Protection Impact Assessments
Security of user data, integrity and stability are at the heart of all ProWritingAid systems, it’s the same for new or existing systems and it’s there from the start. Our developers use the best tools, technology and research available to protect our user data.
11. Data Protection Officers
ProWritingAid has appointed a Data Protection Officer:
Chris Dinsmore, CTO — Email: firstname.lastname@example.org
ProWritingAid processes data from individuals from all over the EU.
ProWritingAid’s main residence is in the United Kingdom, therefore its supervisory authority is based in the United Kingdom.
This document was last modified on 01-Aug-19