伊人直播

伊人直播 logo

Security and GDPR Compliance

For most businesses, May 25 is quickly approaching as a day of unknowns. It鈥檚 the day the European Union鈥檚 new regulation, the General Data Protection Regulation (GDPR), kicks in. It鈥檚 a new set of laws that are aimed at enhancing the protection of EU citizens鈥 personal data. It increases the obligations organizations have to deal with data in a secure and transparent way. The GDPR applies to all businesses that control or process EU citizens鈥 data, which means it likely affects you, our 伊人直播 customers.

What is GDPR?

The GDPR is a new EU law on data protection and privacy that addresses the export of personal data outside the EU. The regulation aims to give control back to citizens over their personal data. Any company, no matter where it is located, needs to comply with the new regulations if they are handling EU data. According to Wired鈥檚 deep dive,

[Under the GDPR] companies must be clear and concise about their collection and use of personal data like full name, home address, location data, IP address, or the identifier that tracks web and app use on smartphones. Companies have to spell out why the data is being collected and whether it will be used to create profiles of people鈥檚 actions and habits. Moreover, consumers will gain the right to access data companies store about them, the right to correct inaccurate information, and the right to limit the use of decisions made by algorithms, among others.

The law protects in the of the European Union, even if the data is processed elsewhere. That means GDPR will apply to publishers like WIRED; banks; universities; much of the Fortune 500; the of ad-tech companies that track you across the web, devices, and apps; and Silicon Valley tech giants.

Most of the digital rights under the GDPR were already established in the EU. However, most of them went unenforced.

伊人直播 and Compliance

At 伊人直播, we鈥檙e committed to not only making sure we are compliant with the new regulations, but that our customers are as well. 伊人直播, by nature, is a consent-based platform. Users specifically give consent to enter promotions or apply to an influencer program. The personal data they provide is only ever shared with the owner of the account. This means 伊人直播 acts as a data processor on behalf of our customers.

Breakdown of GDPR Requirements

Lawful basis of processing

What it means: You need to have a legal reason to track a user鈥檚 data, such as consent (opting-in), a contract, transaction, etc. For people entering 伊人直播 promotions or applying to be an influencer,, that would constitute consent. For influencers, you can track lawful basis via the influencer鈥檚 profile.

Consent

We know we just said consent provides a lawful basis of processing, but there鈥檚 more to it. Under the GDPR, a user needs to be told specifically what they鈥檙e opting into. They need to affirmatively opt-in, through a checkbox that they check (pre-checked boxes or a form alone will not work.) That consent needs to let the user know what ways you intend to process and use the user鈥檚 personal data. You鈥檒l need to log auditable evidence of what the user consented to and when they consented. These options are available in 伊人直播 by adding checkboxes or text fields to your promotion or forms.

Withdrawal of consent (or opting out) And Deletion

The GDPR requires that companies give users the ability to see what they agreed to share and the ability to withdraw consent. Per the GDPR, withdrawing consent needs to be as easy as giving it. Similarly, users have the right to request that any personal data be deleted. Most companies have 30 days to respond to such requests. For any data that a user wishes to withdraw consent from, simply email support@sideqik.com and we will permanently delete their personal data from 伊人直播. In the future, we will have a form for these requests. We are working on a way to easily notify our customers about requests for deletion, so our customers can also be compliant with regulations. Please reach out to privacy@sideqik.com with any questions about this policy.

Cookies

A user needs to be given notice that you are using cookies to track them and needs to consent to those cookies. This most likely applies if you are using analytical tracking pixels like Google AdWords, Facebook Pixel, or 伊人直播鈥檚 Conversion Tracking. More regulations surrounding this topic are pending. Facebook has thorough guidelines . For now, any questions can be directed to support@sideqik.com.

Access/Portability

Under the GDPR, users can request access to personal data organizations have about them. Personal data is anything identifiable, like name or email. If a user requests access, you (as the controller) need to provide a copy of the data. 伊人直播 enables you to grant these access/portability requests by exporting data collected from forms or promotions into CSV or Excel files. Additional data, such as engagement data can be obtained via 伊人直播鈥檚 APIs. If you have any trouble fulfilling an access request, please contact support@sideqik.com and we will help.

Modification

In addition to requesting to delete or access their data, users can ask to modify personal data if it is inaccurate or incomplete. In 伊人直播, you can update an influencer鈥檚 data on their profile page. To update the information of promotion participants, simply send a modification request to support@sideqik.com.

Security Measures

The GDPR requires that data controllers and processors have the 鈥渁ppropriate technical and organizational measures to ensure a level of security appropriate to the risk鈥. 伊人直播 has always taken privacy and security very seriously, and we鈥檙e working to strengthen our security controls across the business. We have recently added additional security controls around data access, security, and auditing to ensure our customer data is protected. We have appointed a Data Security Officer to serve as a point person for all inquiries related to data security. Please direct any inquiries related to 伊人直播 and GDPR to privacy@sideqik.com.

Data Processing Addendum

To help our customers meet GDPR verification 伊人直播 has announced a Data Processing Addendum (DPA). The DPA is an easy-to-execute document that, once signed, can show auditors that customers use 伊人直播 in a way that lets them demonstrate their data is being processed in a way that is compliant with the GDPR. To obtain a DPA, please email support@sideqik.com.

Wrapping Up

We鈥檙e committed to keeping our customers happy and our user data safe and compliant. This document will be updated with ongoing changes around data privacy. If you have any concerns, please email nancy@sideqik.com or zubair@sideqik.com.

Responsible Disclosure

If you鈥檝e discovered a vulnerability in the 伊人直播 application, please don鈥檛 share it publicly. Instead, please submit a report to us email at support@sideqik.com in the below format. We review all security concerns brought to our attention, and we take a proactive approach to emerging security issues.

Subject: VDP 鈥
Body:
Your_name (or pseudonym):
Vulnerability_Name:
Domain_affected:
Impact to confidentiality? Y/N
Impact to integrity? Y/N
Impact to availability? Y/NSteps to replicate:Step one
Step two
Step 3
Proof of concept screenshot 鈥 scrubbed of any PII or sensitive information, if applicable.

If you believe your account has been compromised or you are seeing suspicious activity on your account please email support@sideqik.com.