Netmera Platform is Ready for GDPR (EU General Data Protection Regulation)

Since the EU General Data Protection Regulation (GDPR) is around the corner (25 May 2018); we have been busy working on some features and improvements on our Netmera Mobile Engagement Platform for compliance. You can review the details of changes and improvements that have been made on our Netmera Panel, REST API, SDK, Data Retention and Security Audits in compliance with EU General Data Protection Regulation (GDPR) below.  

1.Definitions

First let’s refresh our memory on some basic concepts of GDPR.

a. Personal Data: Personal data refers to the data of an individual who can be identified through these data or with a combination of any other information such as email, contact number, name, surname, registry number etc.

b. Data Processing: The act of entry, registry or share of data on Netmera Platform through mobile application, panel or REST API.

c. Application User: Any individual who actively downloads and uses the e-commerce, media or other mobile applications integrated in Netmera SDK 

2.Netmera Panel

a. Defining Personal Data

You can define that a new “profile attribute” or “event property” is personal data when it is processed or added. Similarly, it can also be defined whether default profile attributes and event properties are personal data on the Netmera panel.

Personal data is processed by Netmera for the application users who have authorisations only.

b. Right of Access to Personal Data

Netmera only stores the data of users who have given consent and only the data of these authorised users can be accessed through the Netmera panel.

  • All changes and access to personal data on the panel are logged.
  • In case of an app user request, the details of when and which panel user has accessed to his/her personal data can be given.

c. Authority of Personal Data Access

The authority to access personal data on the “People” and “Person Details” screens is not given to all members of Netmera panel users and only permitted panel users can access this information.

d. Deleting Personal Data

In the event of an application user request, Netmera Platform is able to delete all stored personal data of the user.

3.REST API

All personal attributes and event properties, provided by Netmara REST API for Netmera servers, are passed through a personal data filter. Any data found without user permission or not marked as personal data would be excluded and not be processed.

4.SDK

All personal attributes and event properties, provided by Netmara SDK API for Netmera servers, are passed through a personal data filter. Any data found without user permission or not marked as personal data would not been sent to Netmera servers and would be excluded.

If an outdated version of the SDK provides personal data, Netmera servers would filter and not process the personal data if the application user didn’t give permission.

With these filter options, any accidental personal data leakage is prevented.

5.Data Retention

All data will be kept for 1 year in Netmera Database. At the end of this period, all personal data will be anonymised and stored accordingly

6.Security Audits

Netmera database is regularly audited by independent security audit companies against any type of cyber threats

7.Contracts

All parties that provide data to Netmera through an integration of Netmera SDK API, REST API or panel are committed to collect the data in accordance with the General Data Protection Regulation (GDPR)

Netmera is committed to all clients, that Netmera processes the data in accordance with General Data Protection Regulation (GDPR). Netmera support contracts contain obligations related to General Data Protection Regulation.

Netmera Team