What is GDPR?

 

The European Union’s General Data Protection Regulation, or GDPR, enhances the existing framework for companies that process the personal data of EU-based residents. It comes into effect on May 25, 2018, bringing with it a host of new obligations for those companies, and new privacy rights for their end users. Processing data can mean many things, from collecting data to storing and using it. Organizations large and small that process the personal data of EU-based individuals are now preparing for the new regulation, and piHappiness is no exception.

 

 

GDPR also applies to Organizations located outside the EU:

 

Unlike the Data Protection Directive, the GDPR is relevant to any globally operating company, not just those located in the EU. Under the GDPR, organizations may be in scope if (i) the organization is established in the EU, or (ii) the organization is not established in the EU but the data processing activities are with regard to EU individuals and relate to the offering of goods and services to them or the monitoring of their behaviour.

 

 

Definitions

 

 

GDPR

 

General Data Protection Regulation Act.

 

 

Data Controller

 

Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be processed.

 

 

Data Processor

 

Data Processor means any natural or legal person who processes the data on behalf of the Data Controller.

 

 

Data Subject

 

Data Subject is any living individual who is using our service and is the subject of Personal Data.

 

 

piHappiness GDPR Commitment

 

piHappiness gives utmost importance to the data privacy of its customers. In compliance with the GDPR regulation effective from May 25, 2018, piHappiness hereby confirms upon the data privacy, security & transparency commitment, the company offers to all its customers. We have an up-to-date Data Processing Agreement in place that elucidates our approach towards GDPR. We acknowledge that the GDPR will help us adopt the highest operational standards and will thereby facilitate to protect customer data in the best way possible.

 

 

What piHappiness is Doing to Support its Users in Meeting the Requirements of GDPR?

 

We are happy to support our users in meeting the requirements of GDPR. In addition to the updates to our Privacy Policy to reflect our new obligations, we implemented a process in place to support users seeking to export or access their personal data in a seamless way and trained our staff on how to build and design privacy-conscious products.

 

 

Principles for Processing Personal Data

 

Our principles for processing personal data are:

 

Fairness and Lawfulness.

When we process personal data, the individual rights of the Data Subjects must be protected. All personal data must be collected and processed in a legal and fair manner.

 

Restricted to a Specific Purpose.

The personal data of Data Subject must be processed only for specific purposes.

 

Transparency.

The Data Subject must be informed of how his/her data is being collected, processed and used.

 

 

What Personal Data We Collect and Process

 

In order to execute the Agreement, and in particular to perform the Services on behalf of Customer, Customer authorizes and requests that piHappiness Process the following Personal Data:

 

Customer Information :

 

Information that we may collect from your use of the piHappiness websites and your interactions with us offline such as:

 

Contact Information:

 

Name, home address, telephone or mobile number, email address, and passwords, Address, State, Province, ZIP/Postal code, City.

 

Financial Information:Credit card’s number and billing information (tax id, number of the payer VAT, billing address, billing email, where invoices are sent); Credit card number is handled by Network.ae (our payment gateway), by Paypal, or other types of payment ; piHappiness only charges your credit card for payments.

piHappiness deal with customer information according to the terms of our general

 

 

Privacy Policy.

 

Services Data : Data that resides on piHappiness, customer or third-party systems to which piHappiness has provided access to perform services.Data stored and processed by users, such as: source code for the application, databases that the applications use, files generated by applications, the history of operations performed by users.

 

Log File Information : Three types of logs are saved by piHappiness’s system: Connection logs which are essentially logs from each request to each application. These connection logs may include information such as the web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, domain names, landing pages, pages viewed and other such information.The second type of logs are application logs, which are produced by each application of our customers. piHappiness does not have control over the content of these logs. The control of application logs as Personal Data remains with the Customer. Timeline event logs which are a record of alerts and notifications that can help piHappiness to identify and diagnose the source of current system problems and help predict future problems. piHappiness processes Customer information according to the terms of its Privacy policy and treats services data as confidential in accordance with the terms of your order for services.

 

 

How We Use the Personal Data

 

piHappiness uses the collected personal data for various purposes:

 

To provide you with services
To notify you about changes to our services and/or products
To provide customer support
To gather analysis or valuable information so that we can improve our services
To detect, prevent and address technical issues

 

 

Legal Basis for Collecting and Processing Personal Data

 

piHappiness legal basis for collecting and using the personal data described in this Data Protection Policy depends on the personal data we collect and the specific context in which we collect the information:

 

piHappiness needs to perform a contract with you.
You have given piHappiness permission to do so.
Processing your personal data is in piHappiness legitimate interests.
piHappiness needs to comply with the law.

 

 

Retention of Personal Data

 

piHappiness will retain your personal information only for as long as is necessary for the purposes set out in this Data Protection Policy. piHappiness will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

 

 

Data Protection Rights

 

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. If you wish to be informed about what personal data we hold about you and if you want it to be removed from our systems, please contact us. In certain circumstances, you have the following data protection rights:

 

-The right to access, update or to delete the information we have on you
-The right of rectification
-The right to object
-The right of restriction
-The right to data portability
-The right to withdraw consent

 

 

Non-Compliance

 

The most referenced consequence of non-compliance with the GDPR is the maximum fine that can be levied against a non-compliant organization. The maximum fine that may be levied is 4% of global revenue or 20 million EUR, whichever is higher. Certain other types of infringements carry a maximum fine of 2% of global revenue, or 10 million EUR, whichever is higher. Less frequently referenced are the data protection authorities’ (“DPAs’ ”) powers under Art. 58 of the GDPR. These powers include the ability for the DPAs to impose corrective actions, such as a temporary or definitive limitation on data processing activities, including a complete ban on data processing, or to order the suspension of data flows to a recipient in a third country.

 

 

Our GDPR Readiness Checklist

 

1. DPA updated
2. Terms of service updated
3. Privacy Policy updated
4. Data Protection Officer appointed
5. GDPR training given to all employees that handle customer data

 

For complete information, please refer to our DPA, terms of service & privacy policy documents. If you have any specific questions, please feel free to write to our Data Protection Officer at sales@pihappiness.com. Our GDPR team will be more than happy to answer your queries.

 

Contact Us