ProWritingAid and GDPR

Can’t find an answer for your question? Contact us

The General Data Protection Regulation (GDPR) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU.

ProWritingAid and GDPR (in 12 points)

The GDPR regulation can be reduced to 12 important points. For each point, we explain how ProWritingAid handles its compliance.

All third-party providers have been verified as GDPR-compliant (Azure, Stripe, SendGrid, PayPal).

All ProWritingAid data is held on servers hosted outside of the EU in the USA.

1. Awareness

All key people responsible for software development & infrastructure maintenance of Orpheus Technology Limited (the owner company for ProWritingAid) are fully aware of the GDPR requirements.

2. Information we hold

  • Name, email, profile picture - When you register for ProWritingAid we will ask for your email. Through your profile settings you may additionally provide a user name and profile picture. If you login using a social network (Facebook, LinkedIn or Bitbucket), we may ask permission to access basic information from that account, such as your name, email address and profile picture. You can stop sharing information with us at any time using the social network settings to disable access.
  • Payment information (Paid Users) - Payment information is required to fulfil the transaction. If you pay using a payment card at checkout, you will provide your payment card number to Stripe® (our card payment provider). The Stripe® privacy policy will apply to this information. If you checkout using PayPal®, the PayPal® privacy policy will apply to the payment information you provide.
  • User Content - This includes documents or any other content provided by you while using our website or apps.
  • IP Address - For determining the location of the customer – place of supply – as required by European Union (EU) VAT B2C rules on broadcasting, telecommunications and e-services.
  • Logging - It is very common for websites to record diagnostic data in log files. This log data may include the IP address, date, time, browser information and cookie data.
  • Website Usage - To help understand and improve the performance of our service, we collect statistics such as how many users visit a page on our website or how many times a link was clicked.
  • Cookies - We use cookies to understand and save your preferences for future visits and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. Please see our cookie policy.

3. Communicating privacy information

ProWritingAid users privacy terms are clearly communicated in our Privacy Policy.

4. Individuals’ rights

ProWritingAid users’ rights regarding GDPR are covered including:

  • To be informed: we clearly inform our users about the collection and use of their personal data.
  • Access: our users can access all their data, without restriction, from the ProWritingAid apps.
  • Request a report of the personal data by using our contact page.
  • Correct or delete your personal data using from our account settings page. If you have any problems with this let us know via the contact page.
  • Object to the processing your personal data. You can request that we stop processing your personal data (including to send marketing emails). Marketing emails are only sent to users in the EU if we have consent to do so. You can unsubscribe from marketing emails at any time by clicking the “unsubscribe” link found in our emails or by changing your account settings.
  • Complain to your supervisory authority. You also have the right to lodge a complaint with the supervisory authority of your country or EU member state about ProWritingAid’s use of your personal data.
  • Right to data portability: our users may contact us anytime if they wish to get an export of their data
  • Right not to be subject to automated decision-making including profiling: we don't do that

5. Subject access requests

ProWritingAid replies to all access requests in under 1 week (limit for GDPR is 1 Month).

6. Lawful basis for processing personal data

ProWritingAid stores user data involving a consent.

7. Consent

Consent is provided by our users explicitly when proceeding an action or task (eg. when they provide user data).

8. Children

Our privacy information is written in a language that children will understand. We do not knowingly collect any information from anyone under 13 years of age. If we believe that personal information has been collected from a child younger than 13 years of age, we will remove it.

9. Data breaches

We constantly monitor for any unauthorized access to our systems. Our systems are designed to be as secure as possible and we have had no major security issues. Users and security researchers can submit security reports via this link.

ProWritingAid will notify users of any data breach 24hrs maximum after it has been reported and fixed.

10. Data Protection by Design and Data Protection Impact Assessments

Security of user data, integrity and stability are at the heart of all ProWritingAid systems, it’s the same for new or existing systems and it’s there from the start. Our developers use the best tools, technology and research available to protect our user data.

11. Data Protection Officers

ProWritingAid has appointed a Data Protection Officer:

Chris Dinsmore, CTO — Email: chris.dinsmore@prowritingaid.com

12. International

ProWritingAid processes data from individuals from all over the EU.

ProWritingAid’s main residence is in the United Kingdom, therefore its supervisory authority is based in the United Kingdom.