VIEW
DEMO

GDPR 2018

GDPR 2018

Our approach is to conform with 2018 EU General Data Protection Regulation as soon as possible. Please return to this page for GDPR implementation updates.
We are now 100% compliant with GDPR. See details below, or read our dedicated blog post.
  Until 25 May there are left:

How Vibetrace is getting ready for GDPR:

Under GDPR anticipation, which comes into force on 25th May 2018, we consider the following:
  •  Added personal data processing agreement to our Terms & Conditions.
  •  Added option to download of all collected personal information for one user.This feature is already added. See details.
  •  Added option to delete user from dashboard.
  •  Allow users not be tracked on your website. See details
  •  Allow to collect personal data after having explicit user agreement.Our email collectors have a required checkbox.
  •  Respect all rules both as a Data Controller and a Data Processor.

In addition, to extra protect our customers and personal data they control, we will add more feature to strengthen compliance with GDPR rules.

What is GDPR:

GDPR is an abreviation of General Data Protection Regulation, which refers to the right of personal data for EU citizens.  This regulation allows EU citizens the right to request access, change and/or removal of any personal date from a company. GDPR defines 3 roles:
  • Data Subject (internet users), owners of personal information
  • Data Controller (companies that controls this data). Online stores, websites. Examples are Vibetrace’s clients or vibetrace.com website
  • Data Processor (data processors that deliver a service to Data Controllers). This is Vibetrace
For more information, please visit official GDPR website

For internet users (Data Subject)

Internet Users represent your online store visitors, clients, employees

What is Vibetrace

Vibetrace is a marketing automation software that helps online retailers sell more and easier. To do this, we provide businsesses with email marketing, onsite/email/push retargeting, product recommendations, push notifications or landing pages services. All Vibetrace services show potentials customers the most relevant products to entince them into buying.  Our services include:
  • Product catalogue analysis for each customer
  • Purchase history analysis
  • Onsite behaviour tracking and analysis
Using these information, Vibetrace computes product recommendations, creates personalized messages for a better shopping experience.

What data are we collecting

When an user visits a store using Vibetrace, the following data is collected:
  • Visited pages
  • Media content given by Vibetrace
  • Content clicks and interactions
  • Purchased products from orders
  • Email address, if shop wants this thing
  • Firstname, Lastname and email address when they become clients
  • Data is kept up to 12 months, depending on visit frequency and duration.

What users can do

For any information shared with Vibetrace by a Data Controller (store/website), users are able to:
  • 1. Obtain a copy of the information
  • 2. Bring changes to this data
  • 3. Request data removal
  • 4. Choose not to be tracked any more
Vibetrace allows Data Controllers (shop/website owners) to make any of these actions. If you are an end user and have questions about these please contact us.

For store/site owners (Data Controller)

Personal Data Vibetrace will use information that is automatically gathered by our system, or data send by you (store/website). Any client (store/website) has total control on the data being sent to us and is required to ensure that data sent is according to your own Privacy Policy being publicly displayed to your users. Vibetrace can use information like: email addresses, unique ID’s or any other data. Vibetrace can be used without personal data, but that comes with a drop in performance. As Data Controllers, we ask you not to send sensible data to Vibetrace: credit card numbers, state identification numberes, full home addresses.

How does Vibetrace Marketing Automation Software works:

We take GDPR seriously, the same way we’ve respected and protected personal information for our users.

Measures already implemented:

  • All data is saved and processed in a safe environment, behind private networks and secure cloud from Amazon, Google and Azure.
  • Personal information are kept separetely and passwords are encrypted.
  • There is a high probability that data processing is outside EU. Suppliers we are using to keep and process our data are also in line with the data protection regulation.
  • We run routine tests to detect vulnerabilities on our platform.
  • Our employees only have access to these personal data to perform their job tasks.

What you need to do as an online business/ecommerce store:

You will need to gain explicit tracking permission from your users. We recommend to check rules that apply to you from a specialised legal office.

You need to allow users not to be tracked, depending on the rules in your country. We recommend to include in your Terms&Conditions/Privacy Policy that you are using Vibetrace, how we help your business and how they can withdraw from tracking.

When receiving a delete request, you will need to remove all personal data from your own system and from Vibetrace to remove the change of reimporting users into Vibetrace. Complete removal of personal data could take up to 30 days based on platform technical details.

You will need to keep all removal/update requests for at least 60 days, in cases like returning to an older backup so we know to remove this data again. In such situations you will be contacted by one of our representatives.

You need to agree that you read, understand and implemented these things, before starting to track users.

For any questions, please contact us or send an email to [email protected]