Customer Success Best Practices

If you’re in the tech business—and even if you’re not—you’ve probably heard about GDPR. (In case you haven’t, we’ll explain the basics shortly.)

But what is it? And what does it mean for you as a Custify customer or reader?

Keep reading to find out.

What Is GDPR?

The General Data Protection Regulation (GDPR—Regulation (EU) 2016/679) is a comprehensive privacy and data-protection regulation in the European Union to strengthen the protection of “personal data” and the rights of the individual. It became applicable and binding on May 25th, 2018.

In short, it’s a single set of rules which governs the processing and monitoring of EU data. It identifies some responsibilities for companies, as well as penalties for non-compliance.

Companies are no longer allowed to use arcane language for their terms and conditions, and there are specific requirements for notifying customers of data breaches.

For more details on what the GDPR entails, check out the official GDPR website.

The regulations apply to organizations within the EU, as well as organizations outside the EU that do business in Europe.

Since we’re based in Romania, and many of our customers are in the EU, we’re subject to GDPR regulations.

Our Commitment - Custify is GDPR compliant

We’ve always been committed to high standards of data protection, information security, privacy, and transparency. (Which is one of the reasons we chose a data center in Germany, where data-protection standards have always been high.)

To make sure we’re protecting your data, we’ve revised our internal policies to meet the requirements of the GDPR.

We’ve also developed a robust plan to protect your data. We made the plan with an understanding and an appreciation of the GDPR.

Under the regulations, we’re called a “data processor.” That basically means that we have your data on our servers.

(Many of our customers are data processors as well. But for the purposes of this post, that doesn’t really matter.)

As you can be a processor or controller - depending on your business model - you have to sign a DPA with all your subprocessors. Custify provides a easy way to sign our DPA.

We provide easy to use API functions to handle ‘forget me-requests as well as ‘give me all data‘-requests. Both of these requests are built directly into the Custify API. So if your customers request those information, we’ll deal with it for you. It’s just one of the things we’re doing to help our own customers stay GDPR-compliant, too.

We also endeavour to ensure that personal data is not transferred to countries outside of the European Economic Area without adequate data protection. Besides that, we have also signed a DPA with all of our subprocessors.

Our GDPR Actions

We have published updated versions of our privacy policy and terms and conditions that incorporate our GDPR responsibilities and obligations. As you are also in request to sign a DPA with all the subprocesors that you have, and Custify is one of them, we have provided also an easy way to sign our DPA.

As you’ll see, they’re much more straightforward than pre-GDPR documents. We aren’t trying to hide anything. We want you to know what we’re doing with your data. (And we’re always happy to answer any other questions you might have about data collection and storage. Just shoot us an email.)

We’ll continue to update these documents when things change. And we’ll also keep your data safety at the top of our priority list.

Data Protection Addendum

In the course of providing the Custify service to our customers, Custify may process personal data on our customers’ behalf. GDPR applies to that data, too. To this end, we offer a data protection addendum.

If you want to know what happens with your customers’ data that ends up on our servers, give it a read. Any sub-processors that we might use (other companies that help us process your data) are listed there as well. If we decide to work with another sub-processor, we’ll add it to the list 30 days in advance, to give you a choice, as required by law.

What This Means for You

For the most part, you don’t have to worry about GDPR. We know our responsibilities under the regulations, and we’ll carry them out. The long and short of it is that we’ll protect your data to the absolute best of our abilities.

You just keep providing the best service you can for your customers.

You might also enjoy:

Best Practices

7 Proven Customer Success Tactics to Improve Your Customer Experience

You know that customer success is crucial for your company. But now you need to figure out how to actually do it. And that can be difficult.

Best Practices

SaaS Pricing Strategies and How To Pick One

Deciding on a pricing strategy for a SaaS is often not as easy as it looks. Most products have a fixed price and a simple pricing strategy.

Best Practices

How to Set Up Your CRM for Customer Success

Of all the pieces of software your company uses, customer relationship management (CRM) software might be the most important. This is especially true for customer-success-focused companies.

Notice:

Notice: This website or its third-party tools use cookies, which are necessary to its functioning and required to achieve the purposes illustrated in the privacy policy. If you want to know more or withdraw your consent to all or some of the cookies, please refer to the privacy policy. By closing this banner, scrolling this page, clicking a link or continuing to browse otherwise, you agree to the use of cookies.

Ok