banner shape

GDPR

What is GDPR?

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union. GDPR also addresses the export of personal data outside the EU. It aims to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. We take the GDPR very seriously at Chatway and apply all the following changes and features to all of our users around the world. This article describes the GDPR compliance status of Chatway.

What Chatway did about it

1. AWARENESS OF THE GDPR

All managers and employees responsible of software development, design and infrastructure maintenance of Poptin LTD (the company that operates the Chatway app), an Israeli limited company (and the owner company of Poptin inc.), are aware of the GDPR requirements.

Tests and code reviews are performed by our development team and Data Protection Officers before any code deployment to the platform. We always take data protection and privacy by design into consideration when developing a new feature, infastructure, integration or any processing activities. We also made sure our 3rd parties we use are GDPR compliant and aware, as mentioned below.

2. INFORMATION WE STORE ON OUR CUSTOMERS

When a user registers and opts-in, he/she needs to fill out their:

We also collect the country of the user to make sure he/she gets their account's interface in the right language.

A user can also fill out more information, also with his/her consent, such as:

3. INFORMATION WE STORE ON OUR CUSTOMERS' END-USERS (VISITORS)

4. INDIVIDUAL RIGHTS

5. UPDATED OUR TERMS OF SERVICE AND PRIVACY POLICY

You can read our updated terms of service and privacy policy by click on the following links:

6. DPA

Ask us for our DPA (Data Processing Agreement) and we will send it to you via email. You can email it back to us once you signed it to [email protected]

7. WE REVIEWED THE GDPR STATUS OF ALL THE 3RD PARTIES WE USE

We use platforms and tools like Stripe, Amazon Web Services, Google, Facebook, Elastic Email, CloudFlare, Profitwell

8. DATA BREACHES

A personal data breach refers to a breach of security that can lead to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.

Our duty is to keep our users’ information safe, and report certain types personal data breach to the relevant supervisory authority within 72 hours. We also understand we must inform affected individuals without undue delay.

We take our users’ personal data, business information and our system security very seriously. These are a few implemented procedures and methods that we take:

We use 2-Factor-Authentication on our sensitive accounts (eg. hosting provider, etc.) Isolated servers for the application and for sensitive data

Access to our server systems is allowed only from specific IP addresses Daily backups

Always adding more automatic security tests to monitor the system. And more

Data protection officer

Name: Gal Dubinski
Address: Street 18 Jerusalem Blvd
Postal code: 7752311
City: Ashdod
Country: Israel
Telephone: +97235248444
Email:[email protected]

WHAT SHOULD YOU DO TO GO ALONG WITH THE GDPR?

A. Be transparent

Make it clear to the subscriber what information you collect
Make it clear to the subscriber why you are collecting their information
Make it clear what information you will send them and how often

B. Add a checkbox if you want your subscribers to agree to your terms of service.
Also, don’t create pre-ticked boxes or any other type of default consent.

C. Delete leads from the platform if you don’t need them anymore or if you were asked to.

D. Show your clients you have a DPA (data processing agreement) with Chatway by signing our DPA and emailing it back to us at [email protected]