Answers to the most frequently asked questions on the GDPR and Spotler Engage

Linsey • 4 minute read • 05/03/2018
Featured image

Like many other organizations, Spotler Engage is getting ready for the GDPR, the new laws and regulations surrounding privacy and personal data that will take effect on May 25th, 2018. In this blog we will gladly guide you in the new regulations and what this means to us and our clients.

What is GDPR (General Data Protection Regulation)

The protection of personal data is a fundamental right that is proclaimed in the Charter of Fundamental Rights of The European Union and the treaty on the functioning of the European Union. The general data protection regulation is a European law that regulates the protection from this fundamental right.

From May 25th onwards, the regulation is directly applicable in the whole European Union and substitutes the Dutch Personal Data Protection Act. The Dutch Personal Data Protection Act was based on the precursor of the general regulation, the Data Protection Directive No. 95/46/EC of the European Union.

Is Spotler Engage ready?

Since the summer of 2017, Spotler Engage has been actively preparing for the commencement of the GDPR. Spotler Engage has always been investing in time and financial input in system and data security. Individually, Spotler Engage has been collecting data from public sources as Twitter, Facebook, Blogs and Fora. These messages are usually from natural persons, that are trackable from a Twitter handle, Facebook name or biography information on the social media platform.

In itself, it is not an issue, as long as the objectives for collecting and processing of this data have a legitimate purpose. In our Privacy Statement, Spotler Engage’s legitimate purpose is construed. In this matter, Spotler Engage stands as a data controller and data processor. Therefore, simply all responsibilities regarding data protection are carried by Spotler Engage.

But aside from collecting public data, your organization and client is collecting private data too from natural person’s channels such as Facebook Messenger, Twitter DM chat, and WhatsApp. For example, take a look at an e-mail address, bank account number, birthdate, etc. this data is also recorded in the solutions of Spotler Engage. For this information, your organization, as well as the client itself is the Data controller and Spotler Engage the data processor. Your organization, therefore, must comply with the data controller’s duties and Spotler Engage must thereby comply with the data processor’s duties.

Through The Government, a manual can be downloaded in which the responsibilities of the data processor as well as the data controller are displayed.

Your task as an organization

We advise you to go through the manual of the government thoroughly and internally discuss whether your organization meets all criteria to comply with the GDPR and whether all provisions have been met to comply before may 25th, 2018.

Secondly, to form a data processor agreement with all related parties in data processing in your organization is of utmost importance. Even with Spotler Engage, if you have not already. If your organization does not possess a standard processor agreement, then we can hand over a template standard processor agreement to you.

The risks of doing nothing

The Dutch Personal Data Authority (DPA) is responsible for supervising personal data processing to ensure the compliance of the GDPR. Whenever an organization has not taken traceable provisions to protect the data of natural persons or does not hold up to the directives, administrative fees could be imposed.

Violations of provisions on the principals, legal bases and rights of the related parties can be followed with sanctions of administrative fines up to 20 million EUR or 4% of the worldwide annual revenue, in case the latter is higher.

Based on the paragraph above, it can be stated with all clarity that following through with compliance measures is highly recommended.

Forming a processor agreement with Spotler Engage

We gladly form a processor agreement with your organization. For this measure, please contact us!

Inspired? Share this message!
Linsey Jepma
As Content & PR Coordinator, I am involved in the wonderful world of webcare, chatbots, reputation management and data insights on a daily basis. Writing really is my thing and I have an inexplicable passion for neuromarketing and behaviour. Do you want to exchange thoughts? Connect with me at LinkedIn.

Related items

Spotler Engage • 2 minute read • 26/04/2024

Spotler Engage ranked number 1 in the Emerce100

In the Emerce100, Spotler is once again in top positions in various categories. This makes us one of the best companies ...
Read more Arrow right
• 19/04/2022

Spotler Group Acquires OBI4wan (now Spotler Engage)

Today, Spotler Group announced the acquisition of OBI4wan B.V. (now Spotler Engage), an omnichannel customer service and...
Read more Arrow right
• 3 minute read • 25/04/2019

Spotler Engage adds Google Reviews as a new feature

Good news! It is now possible to monitor Google Reviews via Spotler Engage. Spotler Engage is the first organisation in ...
Read more Arrow right