eConnect and the GDPR

25 MAY 2018

The General Data Protection Regulation (GDPR) has been in force since 25 May 2018 and, as you may have heard, this European legislation gives individuals more rights concerning their data and places higher demands on its security. eConnect has worked hard to ensure that all aspects of our services comply with the GDPR. We are happy to inform you about the measures we have taken and how we have organised the processing of personal data.

eConnect and the GDPR- 2
eConnect and the GDPR- 3

Measures by eConnect

1. Processor

In most cases, eConnect acts as a processor; for example, when we deliver your invoices in your financial software. In this context, we have made our standard processing agreement GDPR-compliant. This processor agreement is part of our General Terms and Conditions.

2. Controller

In some cases, eConnect acts as a data controller; for example, if we use your details after you have completed a contact form on our website. For this purpose, we have optimised our privacy and internal information security policies.

3. More rights

As indicated earlier, the GDPR gives you more rights as a person. This sounds nice but in many cases, you are dependent upon your software supplier when you want to invoke these rights. eConnect has ensured that you, as the person concerned, decide for yourself what data we store about you on our platform. This makes it easy, for example, to invoke the right of inspection and you will always be in control.

4. Incident Management

We have implemented a structured incident procedure as described in our SLA. This procedure ensures efficient and transparent handling.

5. Risk management

After an extensive risk analysis, from Phishing to the unintentional release of data, we have drawn up and implemented internal management measures. Our information security policy (ISO 27001 certified) is therefore accurate, complete and reliable. This allows us to avoid unpleasant surprises.

Data processing  by eConnect

1. What personal data?

– Name and address details;
– Contact details (phone number, e-mail, website);
– Gender;
– Financial data;
– Business identification numbers, such as Chamber of Commerce number, VAT number or IBAN.

2. Whose data?

– Customers;
– Employees of customers;
– Potential customers;
– Employees of potential customers.

3. What do we do with it?

– The primary service, within the framework of the agreement you have concluded with eConnect;
– Sales-related activities based on contact questions from potential customers;
– Providing an online archive for all eConnect customers.

4. How long do we keep the data?

Our customers can decide for themselves how long their data will be stored in the online archive on the eConnect platform. We do not retain any other personal data longer than necessary while providing our services.

eConnect and the GDPR