quintly blog

GDPR Compliance: Data Protection and Privacy at quintly

Written by Alexander Peiniger | May 22, 2018 10:00:00 PM

Data protection and data privacy has been an important topic for us at quintly at all times. With our headquarters being in Germany we have also always been in an environment that puts data privacy high up on the priorities. As the new General Data Protection Regulation (GDPR) comes into full force this Friday, May 25, 2018, we questioned our processes even more to make sure that we are fully transparent on what we do with users' personal data and that we are fully compliant with the new regulations.

Even though there have been a lot of discussions around the new regulations, we believe that the spirit of the law is going into the right direction and it fits perfectly with what we have as company values for years. With this blog post, we want to update you on the main changes.

New privacy policy

We have created a completely new privacy policy that is much easier to read and explains everything that we do with personal data that we receive through various different channels. It is still a challenge to have everything included and at the same time make it easy to understand, but we believe that we have found a good balance. We approached this project not with the main goal to have legal language in place to protect us as a company, but rather give every user the chance to really know what we do and what their rights are.

Additional control over cookies usage

We will also be implementing a new model around cookies on our websites (still in progress). Giving transparency and control to you is our main goal here. This means users will be able to select in a more granular way what type of cookies/tracking they want to accept and which they don’t want.

Transparency on data processing and subprocessors

The new regulation also puts a lot of emphasis on the legality of the processing and expects from companies that they show for each and every use case what the legal basis is for processing users personal data. We first thought about putting everything in our privacy policy directly, but this would blow up the document to 20 pages or more, which would be hard for users to consume. That’s why we decided to create a separate list of our processing activities and a list with all the subprocessors we use and then link to these documents from the privacy policy.

Data processing agreements for customers

For our business customers we now offer a data processing agreement to be signed by our customers and us. If you as a customer need such a signed agreement, please get in touch with us at dataprivacy@quintly.com and we will send you all the needed documents.

Your data, your rights

The GDPR gives users a lot more rights, although many of these have already been present in Germany for years. Within our product you can already make a lot of changes to your data and preferences, but feel free to reach out to us anytime with any request at dataprivacy@quintly.com and we will do our best to give you an answer as quick as possible.

Feel free to reach out to us!

We consider data protection and data privacy an ongoing initiative and the GDPR deadline this week is just a starting point. We expect that there will be a lot more clarity on specific use cases once the courts have taken first decisions on how to interpret parts of the new regulation. Therefore we will do further changes in the future to make sure our approach is always state-of-the-art and that you as users feel that we value your data as much as we should. Should there be any questions, don’t hesitate to reach out to us at dataprivacy@quintly.com.