We have had a number of requests for information on GDPR compliance and ProMart 3.0.
In less than one month, the new EU privacy regulation called the General Data Protection Regulation (GDPR) will come into effect. It imposes strict requirements on the way businesses collect, store and manage personal data.
If you’re unfamiliar with GDPR, here’s what you need to know:
GDPR provides citizens of the EU with greater control over their personal data and assures that their information is being securely protected across Europe, regardless of whether the data processing takes place in the EU or not.
Personal data can be a name, email, address, date of birth, personal interests, unique identifiers, digital footprints and more. Typically, this is the kind of data that is stored in your CRM / ProMart 3.0
We have prepared the following resource that you can reference in order to complete your own company GDPR policies. The way you use the data in your system needs to be outlined in your policy. Its not something we can create for you as it will be specific to the way your company deals with your data.
What Data ProMart 3.0 Stores
ProMart is capable of storing the following information, wether or not you use all of these fields needs to be outlined in your policy.
Personal / Business Information
- Mobile Phone Number
- Website Address
- Landline Number
- Skype Contact
- Invoice Address & Company Name
- All Previously Used Delivery Addresses and Company Names
- Pertinent Bespoke Dates
- Credit Limit
- Credit Check Date
- Accounts Email Contact & Name
- Financial Notes
- Credit Card Tokens + Last 4 digits on Card
- Facebook Link
- Linkedin Link
- Twitter Link
- Youtube Link
- Google Plus Link
- Pintrest Link
Enquiries / Orders
- Sales Orders
How Long is this Information Stored?
ProMart 3.0 will store all of this information indefinitely. The GDPR legislation has rules around the polices which mean depending on your specific business needs, there may be limitations in terms of the extent of this data, and the length of time it may be reasonable to hold this data. This needs to be defined in your policy and provided to us if you wish us to remove data after a set period. This can refer to user accounts and to files and documents that ProMart 3.0 stores.
Where is this Information & Backups Stored?
Currently all ProMart 3.0 sites reside in Germany on Hetzner servers. Backups are completed daily to the following locations. Germany, Virginia USA, Kent UK. We store backup files of all documents and databases on Amazon S3 Storage drives and locally in our offices.
How is this Data Secured?
All our servers are equipped with firewalls and the admin areas are only accessible via SSH key pairs or 2 Step verification using Google Authenticator the same is true with all of our backups. We provide optional 2 step verification to all admin logins that use ProMart 3.0. It's down to you as a company to enforce this policy to ensure the security of your data. All ProMart 3.0 systems enforce the use of 256bit encryption via SSL certificates provided by Let's Encrypt.
We also offer the ability to lock down certain areas of ProMart and restrict the ability to export information to set people within your organisation. If you wish to lock areas of ProMart 3.0 to certain users then you need to outline this in your policy and inform us of any changes you wish to make.
ProMart 3.0 no longer offers an integrated email marketing system. You must use a mailing system that offers the ability to manage subscription preferences to mailing lists. In the future ProMart 3.0 will offer more integration with Mailchimp. At which point we will inform you and update this page with more information.