GDPR: What We’re Doing At SubHub To Comply With The New Regulation
The new General Data Protection Regulation (GDPR) comes into force on May 25th of this year, and like many other companies we have had a lot to do to make sure that we’re compliant with the new rules. We’d thought it would be useful for you to know what we’re doing behind the scenes to change our current data practices.
- Implemented a Data Protection Impact Assessment process – this is essentially a risk assessment to help us identify and minimise the risk of a data breach.
- Documented and checked all the sub-processors and third-party integrations – we’ve been making a list of all the third-party companies and services we use to deliver SubHub and our related services, and making sure that they are all GDPR compliant as well.
- Created a detailed register of our data processing activities – we’ve documented exactly what we use personal data for and how it’s stored and processed.
- Moved our database to EU data center – we were storing our database with a US datacenter, but we’ve moved to an EU one for better control.
- Audited our back up policy – we’ve made stricter rules for how long we store personal data and for what reasons.
- Done a data clean up – all outdated and obsolete data (from past clients, out-of-date backups etc) has been deleted from our systems.
- Updated our email sign up processes – our sign-up forms are currently being updated and clarified to help us get affirmative consent.
- Update our free trial sign up processes – our free trial sign up process is also being updated to include marketing consent and our new policies.
- Re-optin campaign to all our mailing lists – we’ll be sending out a re-optin campaign to all our mailing lists, encouraging subscribers to resubscribe to ensure that the data we hold is up-to-date and we have explicit marketing consent.
- Created a procedure to deal with data access and update requests – a basic procedural document to show how we will deal with these sorts of requests.
- Created a data breach plan document – a procedural document to show what we’ll do in the case of a data breach.
- Updated SubHub platform – so that our clients have the capabilities to enable cookie notifications, online forms for data access requests, and other actions.
We’ll continue to add to this list as we go along. If you have any questions, let us know at [email protected].
Hire our design service
Ready to transform your knowledge into an online business with a membership website but don’t have the time or skill to build it yourself? Our design service could be the solution.Learn More
- The 5 Numbers You Must Know to Ensure the Success of Your Membership Website
- 5 Musts for a Successful Financial Membership Website in 2024
- Create an Income Selling Digital Downloads and Printables
- The Best Membership Website Builder for Online Courses in 2024
- Market Your Membership Website with Landing Pages
- Case Study: Setting Up a Profitable Online Side Business
- Case Study: Selling Downloadable Sunday School Teaching Materials
- Case Study: How an Author can Create an Online Presence
- Case Study: Launching an Educational Resources Membership Website
- Case Study: Identifying your Customer Persona
- Case Study: Starting an Online Digital Magazine
- Case Study: Starting an Online Yoga Studio Website
- Case Study: Building an Online Guitar School Membership Website