EU General Data Protection (GDPR) Compliance
The European Union’s General Data Protection Regulation protects the privacy of website visitors, setting out the rules that apply to the collection and processing of data that could be used to personally identify the visitor. Where personal data is collected, the GDPR requires that the website clearly disclose the details of that collection, and obtain clear, unambiguous consent from each visitor. In a word, it ensures that EU citizens visiting websites are in control of their personal data at all stages of the relationship.
The GDPR defines “personal data” as any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Compliance under GDPR can be established by providing detailed disclosures and obtaining consent, among other things. Or, alternatively, personalization can be accomplished without relying on the collection and processing of personal information in the first place. Generalized, nonpersonal data attributes of visitors, such as their coarse geographic location or broad demographic affiliations do not trigger the application of GDRP’s detailed disclosure requirements in the first place.
If you have EU customers, you need to be GDPR compliant.
Is Pulse.app GDPR compliant?
Tracking, consent and GDPR
Pulse neither individually identifies nor stores information about, nor tracks individual website visitors. It does not create or store cookies on your website’s visitors’ computers. Because it collects no personal data or data that could be used to identify an individual visitor to your website, Pulse does not trigger GDPR’s requirements, and using Pulse does not in itself require you to obtain specific consent from your website’s visitors.
Data security and data breaches
We take data protection and security very seriously at Pulse. We constantly monitor for security flaws and unauthorized access and we will take action immediately if something suspicious is detected. In the unlikely case of a data breach, we will notify all of our customers within 72 hours after the breach was detected.
Some of the preventive measures we take include:
- encrypted HTTPS communication layers for all data transfers
- isolated data containers and data network
- firewalls to prevent and mitigate different types of attacks and data leaks.