GDPR commitment

Watermelon’s commitment to GDPR

The GDPR (General Data Protection Regulation) is an important piece of legislation to ensure the data security of EU citizens. The law went into effect on 25 May 2018.

Our commitment: Watermelon will be as compliant as possible by 25 May 2018.

What does Watermelon do to be GDPR compliant?

Watermelon began the compliance process as of 15 February 2018, a quarter before the deadline. Compliance with an international law is very important for us.

Below is an abbreviated version of our compliance roadmap:

  1. Detailed research into the impact of our products and the impact of GDPR on Watermelon  – COMPLETE
  2. Rewriting our data security policy – COMPLETE
  3. A strategy and task list to address the impact of GDPR on our product – COMPLETE
  4. Add or edit the necessary elements in our product- IN PROGRESS
    1. Automatically deleting data –  IN PROGRESS
    2. Deleting of all data – IN PROGRESS
    3. Exporting your data – IN PROGRESS
    4. Completely deleting your account and associated data – IN PROGRESS
    5. Two-factor authentication login – IN PROGRESS
    6. Button to anonymise all data from Facebook, Twitter and Telegram – IN PROGRESS
  5. Implementing the necessary changes in our internal processes – IN PROGRESS
  6. Adapt external communications (i.e. cookie bar) to be GDPR compliant – IN PROGRESS
  7. Updating our internal privacy policy – IN PROGRESS
  8. Test and verify that our changes are sufficiently compliant with the AVG – TO BE ANNOUNCED
  9. Finalizing communications about our compliance – TO BE ANNOUNCED

Watermelon has hired multiple lawyers and legal consultants to get a complete understanding of what changes needed to me made in order to be GDPR compliant.

What changes is Watermelon making to be GDPR compliant?

Among the many steps we’re taking, we’re anonymising parts of the product and researching how you can meet your customer’s expectations.

Based on the internal and external research conducted, making the necessary changes will allow Watermelon to be fully GDPR compliant.

What do Watermelon customers have to do?

There are two options, depending on how your chatbot interacts with your customers. Below is a list of the impact GDPR will have on you when you’re using Watermelon:

  1. When you want to use personal data in chat, ensure you share your user agreement with your customer, and ensure they’ve agreed to these terms and conditions before you continue the chat. GDPR can lead to hefty fine when this acceptance isn’t adhered to.
  2. When your company is within the EU, you’ll want to sign a data processing agreement with Watermelon. Once you’ve signed the form, email it to compliance@watermelon.co for us to sign and return to you.

I don’t understand GDPR but I want to know more

The GDPR is the largest scale legislation regarding data protection in Europe. It replaces the Personal Data Protection Law of 1995.

The GDPR regulates the processing of personal data of individuals in the European Union – this includes collecting, storing, sending or using personal data. It’s important to note that the term ‘personal data’ is very broad; all data that could lead to a specific person can be seen as personal data.

As an individual you have more rights and more control over how businesses use your data. The GDPR is taken seriously due to the significant fines associated with non-compliance or negligence.

A short summary of the most important points of GDPR:

  1. More rights for individuals: Within the EU you have the right to be forgotten, and the right to ask a company for a copy of all of your data.
  2. Mandatory compliance: The GDPR expects that companies have developed and implemented policies and safety protocols, will hold privacy assessments, and keep a detailed overview of what happens with data, including signing data processing agreements with third parties.
  3. Data breach notifications and security: The GDPR makes it mandatory for organisation to report data leaks or breaches to the Data Protection Authority and in some cases to the individuals affected. The GDPR also demands companies take extra safety measures.
  4. New demands for profiling and monitoring: The GDPR makes new demands of the way in which companies monitor or profile individuals in the EU.
  5. Increased policing: The GDPR allows authorities to assess fines up to 20 million euros of 4% of worldwide revenue based on the impact of the data breach or violation.

Even if you’re an organisation outside of the EU, you’ll still  need to comply with the GDPR. The GDPR legislation applies to all businesses that handle or process data from individuals residing in the EU, regardless of whether or not the company does business in the EU.

If you have questions about the GDPR, contact us via email at compliance@watermelon.co.

Wil je ook je eigen digitale collega?

Wij laten je graag zien hoe je met Watermelon binnen no-time je eigen chatbot bouwt. Vraag nu een gratis demo aan!

Vraag demo aan