What is the GDPR?
The GDPR stands for General Data Protection Regulation, which imposes rules on companies processing personal data of “subjects” residing in the European Union. This means that any information related to a natural person or “Data Subject” that can be used to directly or indirectly identify the subject must be processed according to the GDPR guidelines.
Enforcement of the GDPR began on May 25, 2018. For more information on the regulation, please view their website at https://gdpr-info.eu/.
Why was this policy created?
Does the GDPR affect me?
If you are an organization that is organized in the EU and / or processes personal data of EU citizens, then you must also comply with the GDPR.
There are two classifications for your organization:
Data Processor - organizations are classified as processors if they store or process personal data on behalf on another organization.
Data Controller - organizations are classified as controllers if they determine the purpose of storage and / or processing of personal data.
Some organizations may be both processors and controllers.
When my organization enters personal data into Method, am I a controller or a processor?
You are the data controller. The data you enter into our CRM is controlled and managed by your organization. You decide how the data is used, when the data should be updated, how long you should keep it, etc.
What role does Method play?
According to the GDPR, Method plays both classification roles.
As a Data Controller - Method handles data about our customers for our own purposes, such as marketing activities.
As a Data Processor - Method provides software to our customers which allows them to become data controllers of the data they store about their customers.
Is Method GDPR compliant?
These are just some of the many steps Method has taken to meet the data transparency goals of the GDPR. This continues our practice of protecting your data and providing for the legal and secure handling of your organization’s critical business information.