The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. When the GDPR takes effect, it will replace the 1995 Data Protection Directive. GDPR becomes enforceable from 25 May 2018.
At Idea Bubble, we do our best to implement services that fulfill our Customers’ needs. One of the most important Customers’ requirement is the security of their data. That is why for us it is paramount. Idea Bubble understands how the fulfillment of GDPR obligations will improve protection of our Customers’ data. We are fully committed to achieving compliance with the GDPR prior to the regulations effective date.
Idea Bubble has customers who are both companies and individuals. We offer a product to companies that allows them to collect and analyze product feedback provided by individuals who may reside in the EU. In this case, through our contract with the company who is our customer, we are acting as a data processor. We collect, store, and retrieve data on their behalf and at their request. We also use our own product to collect, store, and retrieve data to analyze our own product. In this capacity, we are both a data controller and data processor, since the data processing is happening for our own purposes.
Idea Bubble makes use of third party services in infrastructure, reporting, and analytics. It is our obligation to ensure that the processing of data on our behalf is also GDPR compliant. For the details of our third-party tools, please refer to the privacy page.
Idea Bubble is required to be in compliance with the GDPR since we offer services to residents of the EU. In order to offer our service, we must collect data that can identify people. In addition to our obligation to follow the regulation, Idea Bubble intends to follow best practices in privacy and protection of data. In accordance with the European General Data Protection Regulation 2016/679 (GDPR) you have a right of access, correction and removal of your personal data which you may exercise by sending us an email at [email protected]. Your requests will be processed within 30 days. We may require that your request be accompanied by a photocopy of proof of identity or authority. One of the main drivers of the GDPR is informing your customers/users about you data policies. It is therefore crucial that when you ask for insights or feedback through Idea Bubble, you make it easy for your users to see your data policy as explained in your Privacy Statement.
We will notify the owners of Idea Bubble accounts within 48 hours of the discovery of a data breach. We will work with our customers to inform Data Subjects of the breach.