The right to data protection and control was the driving mission on which Dock was founded. We are committed to empowering individuals to own and control their data on the internet.
Below we outline what is GDPR and how Dock is ensuring compliance.
What is GDPR?
GDPR (General Data Protection Regulation) is the updated Privacy Laws passed by the European Union which upholds the belief that data protection is a human right and outlines specific requirements for the protection of these rights by companies and organizations. The EU maintains that this regulation applies not only to companies in the EU, but to any company that is processing or handling personal data for EU citizens.
What is Personal Data?
Personal data is any data that can be used to identify an individual. Examples of personal data includes identifiers such as name, location, profile photos, email addresses, and many more.
Data Subject Rights
The following is a list of data protection rights included in GDPR that are supported within our product.
Right to be informed - You have the right to know how your data is being processed.
Right of Access - Your have the right to access and request copies of your data that’s being collected.
Right of Rectification - You have the right to modify or update your personal data if incorrect data is being used.
Right to Erasure - You have the right to delete any personal data that has been collected.
Right to Restriction - You have the right to prevent a company from processing certain types of personal data.
Right to Data Portability - You have the right to access your personal data and transfer it between controllers.
Right to Object - You have the right to withdraw consent to the processing of your data for public interest, marketing or research.
Right to Reject Automated Decisions - You have the right to object to your data being processed by automatic systems.
Below is a list of steps we are taking to ensure that our company is GDPR compliant:
Third party processor audit - We are continuously reviewing all of our third party data processor that interact with our user’s data to ensure they are compliant.
Multiple team trainings - Every individual on our team has received multiple trainings on data protection and understand the requirements needed.
Internal security audit - We have undergone multiple security audits to fully secure our users’ data.
Data mapping - We have documented and understand how data is processed by our platform starting from initial submission of any type of data.
Official data breach process - We have an official process to communicate any potential breaches in data that may occur with our users’ data.
Internal data protection team - We have setup a cross-departmental team to ensure data protection across the company.
Channel for data requests - We have setup [email protected] as a channel to directly contact our data protection team