GDPR Compliance
We’ve created this page to provide information about FeedBear’s compliance with the European Union’s General Data Protection Regulations (GDPR). This page is primarily meant for companies and organizations that use our product and wish to get more information on how we comply with the GDPR.
Purpose
Since we collect and process personal data of residents in the European Union through our product, we are required to be in compliance with the GDPR. In order to offer a great product to our customers, we adopt the best practices to help secure the privacy and protection of all personal data we collect and process on their behalf.
What is the GDPR?
The General Data Protection Regulations (GDPR) is a mandatory legislation introduced in 2018 to ensure the security and protection of all personal data provided by EU residents and collected by businesses, individuals or organizations all over the world.
Role as Data Processor & Data Controller
FeedBear offers a product that aids companies and organizations in collecting and analyzing feedback from their own customers (who are the end users of our product). Some of these end users or our own customers reside in the EU.
For companies and organizations using our product, we act as data processor (they are data controllers for their end users), collecting, storing and retrieving data on their behalf and at their request.
For end users signing up to participate on a FeedBear board, we act as their data controller and processor.
Also, since we collect, store and retrieve data to analyze and improve our product, we act as both data controller and processor for our own purposes.
What Data Do We Collect?
Some of the personal data our application collects either by itself or through third party tools include cookies, usage data, email address, first name, company name, website, last name and username. The full details on each type of Personal Data collected and other applicable provisions are provided in our Privacy Policy or by specific explanation texts displayed prior to such personal data collection.
Personal data may be provided by the user, or, in case of usage data, collected automatically when using the FeedBear application.
Customers may also import user data by manually importing source data or integrating FeedBear with other tools, using our API, Zapier or webhooks.
Third Parties Services
We use some third party services in collecting, retrieving and processing personal data and we always ensure that the GDPR requirements are duly complied with when using these tools.
Consent Collection
When acting as data processor to our customers that are companies and organizations (the data controllers), it is the obligation of the data controller (our customer, a company) to ensure that they have collected consent and made clear that personal data is being collected for use on FeedBear’s product. However, when acting in our role as a data controller, it is our obligation, and we ensure that consent is collected from the data subject to allow us to store and use data on our platform.
Data Processing Agreement
We have created a data processing agreement (DPA), which includes standard contractual clauses as approved by the European Commission to protect the transfer of personal data outside of the European Economic Area (EEA). To request the DPA or submit your custom DPA for signature please get in touch at [email protected].
Data Breaches
Where any incidences of data breach occur at any point in time, we will notify our customers within a reasonable time, upon discovery of such breach, and we will work with our customers to inform Data Subjects of the breach.
Contact
If you have questions regarding the GDPR requirements and how they may impact your use of FeedBear’s product, please contact us by email at [email protected].