Since the EU General Data Protection Regulation (GDPR) is around the corner (25 May 2018); we have been busy working on some features and improvements on our Netmera Mobile Engagement Platform for compliance. You can review the details of changes and improvements that have been made on our Netmera Panel, REST API, SDK, Data Retention and Security Audits in compliance with EU General Data Protection Regulation (GDPR) below.
First let’s refresh our memory on some basic concepts of GDPR.
a. Personal Data: Personal data refers to the data of an individual who can be identified through these data or with a combination of any other information such as email, contact number, name, surname, registry number etc.
b. Data Processing: The act of entry, registry or share of data on Netmera Platform through mobile application, panel or REST API.
c. Application User: Any individual who actively downloads and uses the e-commerce, media or other mobile applications integrated in Netmera SDK
a. Defining Personal Data
You can define that a new “profile attribute” or “event property” is personal data when it is processed or added. Similarly, it can also be defined whether default profile attributes and event properties are personal data on the Netmera panel.
Personal data is processed by Netmera for the application users who have authorisations only.
b. Right of Access to Personal Data
Netmera only stores the data of users who have given consent and only the data of these authorised users can be accessed through the Netmera panel.
- All changes and access to personal data on the panel are logged.
- In case of an app user request, the details of when and which panel user has accessed to his/her personal data can be given.
c. Authority of Personal Data Access
The authority to access personal data on the “People” and “Person Details” screens is not given to all members of Netmera panel users and only permitted panel users can access this information.
d. Deleting Personal Data
In the event of an application user request, Netmera Platform is able to delete all stored personal data of the user.
All personal attributes and event properties, provided by Netmara REST API for Netmera servers, are passed through a personal data filter. Any data found without user permission or not marked as personal data would be excluded and not be processed.
All personal attributes and event properties, provided by Netmara SDK API for Netmera servers, are passed through a personal data filter. Any data found without user permission or not marked as personal data would not been sent to Netmera servers and would be excluded.
If an outdated version of the SDK provides personal data, Netmera servers would filter and not process the personal data if the application user didn’t give permission.
With these filter options, any accidental personal data leakage is prevented.
All data will be kept for 1 year in Netmera Database. At the end of this period, all personal data will be anonymised and stored accordingly
Netmera database is regularly audited by independent security audit companies against any type of cyber threats
All parties that provide data to Netmera through an integration of Netmera SDK API, REST API or panel are committed to collect the data in accordance with the General Data Protection Regulation (GDPR)
Netmera is committed to all clients, that Netmera processes the data in accordance with General Data Protection Regulation (GDPR). Netmera support contracts contain obligations related to General Data Protection Regulation.