1. ABOUT GDPR
The General Data Protection Regulation (“GDPR”) is the primary law regulating how companies protect EU citizens’ personal data which went into effect on May 25th, 2018.
You can learn more about GDPR at their official site.
2. HOW FEATURE.FM MANAGES CONSENT
Feature.fm has implemented a consent method to collect and treat personal data that includes:
- Giving or withdrawing consent to tracking
- Giving or withdrawing consent to PII collection and email marketing
- Additional information over what cookies are used for and by whom
Giving Consent for Remarketing Pixels and Cookies
First, when fans navigate to a Feature.fm landing page, they will be asked to consent to cookies or can manage their permissions to opt out.
Managing permissions settings
At any time, fans can navigate to a dynamic Privacy Settings tab to manage their permissions settings or opt-out completely.
Collecting emails and sending marketing communications
GDPR requires fans in the EU to explicitly opt in to receive email messages from Feature.fm's clients who are the Data Controllers. After a fan takes an action that may collect their email address, they are presented with an option to opt in to receive future marketing emails.
Feature.fm will not collect the email or names of fans who do not opt in.
Viewing and protecting fan email addresses
To view your list of fan email addresses in your Feature.fm dashboard, Feature.fm is implementing a 2-Factor Authentication log in process that verifies your identity to protect fan data.
When you view your list of emails in your campaign or audience tab, you'll notice that there are some users that are listed anonymously. These are fans who did not opt in to receive emails.
Feature.fm customers are allowed to email fans who have opted in. Any email addresses that you are able to view are from fans who opted in. If a fan later opts-out, then their email address will updated to be anonymous.
3. “PERSONALLY IDENTIFIABLE INFORMATION” (PII)
Personally Identifiable Information (PII) is information that can be used on its own or with other information to identify, contact or locate a single person, or to identify an individual in context.
General examples of PII are:
- First and last names
- Email addresses
- Financial records
- Credit card numbers
- National insurance/SSN numbers
4. FEATURE.FM'S SECURITY & DATA HANDLING
Feature.fm is committed to protecting customer data and privacy. All founders of Feature.fm are graduates of the Mamram Unit in the Israeli Army and have extensive backgrounds in Cyber Security and Data Protection.
We are regularly reviewing our data protection measures and will continue to enhance protection protocols to ensure the highest level of security. Feature.fm's ongoing commitment to data protection include a number of security measures:
Security & Data Handling
- Feature.fm only uses trusted and certified compliant data-centers that carry certifications, including ISO 27001 and SOC.
- Feature.fm is continually investing in our own and our partners security infrastructure.
- Feature.fm is currently in the process of obtaining a SOC-2, Type II report, anticipated to be completed within 2018.
- Feature.fm will self-certify with the EU-US Privacy Shield within the 1st quarter of 2020.
- All data is encrypted in transit using SSL and at rest using industry-standard AES-256.
- 2-Factor Authentication is required for Feature.fm Customers to access or view PII.
- Advanced Intrusion Detection and Intrusion Prevention Systems are implemented within the infrastructure to detect and prevent data breaches.
- Advanced Security Event Logging & Monitoring (SIEM Solution) are implemented in Feature.fm's infrastructure
5. PRIVACY CONTACT
For more information, please contact firstname.lastname@example.org.