We help you meet the new GDPR

General Data Protection Regulation

Read more Request a quote

What is GDPR?

The new General Data Protection Regulation, published on May 25, 2016, goes into force on May 25, 2018. The General Data Protection Regulation (GDPR) standardizes data protection law across all 28 EU countries and imposes strict new rules on controlling and processing personally identifiable information. It also extends the protection of personal data and data protection rights.

Get consent to process personal data in an appropriate manner

The following are particularly noteworthy among the novelties introduced: data handling must be unambiguous. GDPR says “Silence, pre-ticked boxes or inactivity should not constitute consent”.

GDPR applies to all organizations holding and processing EU resident’s personal data, regardless of geographic location. Many organisations outside the EU are unaware that the EU GDPR regulation applies to them as well.

In addition, the nature of the consent required to satisfy the condition for processing sensitive personal data must be “explicit”. Explicit consent can be thought of in much the same way as the GDPR’s standard requirements for obtaining consent. The difference is that it must be obtained in a way that leaves no room for misinterpretation.

Consent must also be verifiable ,in other words, the business must be able to prove that it obtained the individual’s consent.

Our solution

Complying with the new regulation, we have developed a platform so that you can gather the explicit consent of the users easily and quickly.

Your data base

We will enable SFTP account to load your database in csv format, with the email or mobile phone of your users.

Email or SMS

We send a Registered email or a Registered SMS with a link to a web page to your users, depending on the information we have.

Acceptance of clauses

On the website, your users can read your privacy conditions and select those clauses they want to accept.

The certificate

Finally, we issue a digitally signed certificate with the accepted clauses, and store it in the SFTP account.

Watch the video

FAQs

It is a file that contains the values in a table of text lines organized so that each column value is separated by a comma from the next column's value and each row starts a new line.

The file must contain the unique identifiers of your clients, their email and their mobile phone. If you do not have that information just leave a blank space. For example:

12345,email@yourclient.com,+44666555444
12346,email2@yourclient.com,+44666555333
12347,,+44666555222
12348,email3@yourclient.com,

Yes ,content is fully customizable. Email also allows you to add your own logo.

Every 24 hours, we will generate a CSV file, with those users that have accepted or rejected the clauses. You can find the file in your SFTP account. This file has the information of the users of your CSV file, a column with the status of each clause, and, finally, the name of the certificate for that user. As per the above example, for the acceptance of 3 new clauses:

12345,email@yourclient.com,+44666555444,accepted,accepted,accepted,certificate12345.pdf
12346,email2@yourclient.com,+44666555333,denied,denied,denied,certificate12346.pdf
12347,,+44666555333,accepted,denied,accepted,certificate12347.pdf
12348,email2@yourclient.com,accepted,denied,denied,certificate12348.pdf

The sending of the initial communication activates an expiration counter. This counter is fully customized to meet your needs. When it expires, the certificate will be automatically generated and that user will be part of the CSV file of that particular day, with the expired value.

12345,email@yourclient.com,+44666555444,expired,expired,expired,certificate12345.pdf

Definitely yes. We configure a SFTP account for each language, and you will have to segment your users by language and create a CSV for each of them.

No problem . We will configure a SFTP account for each type of user, and you will have to segment your users according to typology and create a CSV for each of them.

The certificate

The certificate is the document that gathers the evidence of the entire process; in this case, all the actions that the user performs to state freely, specific, informed and unambiguously the processing of personal data relating to him.

Sender and destination

Mobile telephone numbers or mail addresses, source and destination address, as well as the corresponding IPs.

Date and time

The certificate provides the sending and delivery date and time of the different communications, as well as the actions taken.

The message

The message sent by SMS or by email is also attached in the documentary evidence.

Attachments

If the email has attachments, they will be included in the certificate; If they are PDF's or images, they will be displayed directly on it.

Annexes

The logs of the server, with all the technical information, are in the technical annex of the certificate.

Electronic signature

This document is digitally signed, including time stamping.

Contact

To request a quote please fill out the following form. Do you have any questions? Contact us, we will clear up any doubts you may have.

PCiTAL | Edifici H1 2a planta, B· 25003 Lleida (Spain)

(+44) 973 282 300

We use first and third party cookies to better understand users behaviour and to further improve our offerings, based on your browsing habits. If you continue browsing, we will consider that you accept their use. Click herefor further details.