What is GDPR?
The General Data Protection Regulation (GDPR) is the result of many years of work by the European Union to bring data protection legislation into line with new, previously unforeseen ways that personal data is now used and processed around the world.
When does it come into effect?
The GDPR will apply in all EU member states from 25 May 2018.
Will GDPR affect my company?
Almost certainly. Any company that stores or processes personally identifiable information for EU residents will be responsible for complying with the new regulations, even if that company is not based in the EU.
Will Kayako Classic be GDPR compliant by the deadline?
Will I be GDPR compliant when using Kayako Classic as a data processor?
Kayako Classic is currently in the process of completing our own GDPR compliance and this will be completed before the GDPR deadlines. This will mean that you will be compliant when using Kayako Classic as a data processor for your own GDPR compliance.
Does Kayako Classic store Personally Identifiable Information (PII)?
Yes. PII data is considered any information you store which can uniquely identify an individual either directly or indirectly. Kayako Classic stores various pieces of user information would could be counted as PII data.
What PII data does Kayako Classic store?
Kayako Classic stores various pieces of user information would could be counted as PII data including, but not limited to:
- Full Name
- Email Address
- Twitter Handle
- Facebook ID
- IP Address
- Phone Number
NOTE: If you use custom fields within Kayako Classic, it is also possible that those could be considered as PII data if they are able to uniquely identify an individual.
Does any of my data leave the EU?
Yes. Kayako Classic uses third-party applications to help monitor our infrastructure and ensure we maintain good performance, availability, and usability for our customers. Some of these third-party services are hosted outside of the EU. All of our third parties are hosted in countries which obey strict and lawful standards of security. Kayako Classic is currently in the process of signing Data Protection Agreements with all our suppliers and all of these will be in place before the GDPR deadlines.
Does Kayako Classic send my data to any third parties?
Do I need to sign a Data Processing Agreement (DPA) with Kayako Classic?
Should this affect my decision to choose Kayako Classic?