Billing & Purchasing
Data, Quality & Reliability
What is GDPR?
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. [Wikipedia]
At Crafty Clicks we are committed to making sure that the way we store and use any personal data fully complies with the new rules.
GDPR comes into force on 25 May 2018.
What is Crafty Clicks doing about GDPR?
At Crafty Clicks, we have always taken care to ensure our clients' data was handled with care, stored securely and used only to the extent required for the functioning of our products. We have never sent unsolicited advertising or marketing communications.
We conducted a thorough audit of all data we store and reviewed our procedures in light of GDPR and we meet and exceed the standards required. Crafty Clicks makes information security a priority and we already comply with strict security standards, for example PCI-DSS.
What data do you hold?
We keep contact details for our customers and only process this data as necessary for maintaining normal supplier/customer business relationships.
Our customers integrate our address lookup API into their own systems and naturally will want to asses any possible impact on their own GDPR compliance. Our API will “see” the originating IP address and search queries, but will not identify an individual person. The API logs are used for billing and to enable aggregate usage reporting to our data suppliers. They are kept in a secure environment and, by default, erased after 6 months. We never have and never will use the API logs for any other purpose.
Where does Crafty Clicks store data?
Similar to many SaaS providers, we use Amazon Web Services (AWS) to host our services. AWS is a specialist top-tier, third-party data hosting provider and complies with strict security standards. For more information about AWS’s approach to compliance with the GDPR, see https://aws.amazon.com/compliance/gdpr-center/. Currently all our services are hosted in AWS data centres in Ireland and the USA.
Will anything change after 25 May 2018?
We understand that some of our customers will be sensitive to any of their end-user data being stored in our systems, regardless if this data is personal or not. Our system now has a feature which prevents IP addresses and search queries from being stored in the API usage logs. Please contact your account manager if you wish to enable this feature on your account with us.