On May 25, 2018, a new EU regulation began to apply: the General Data Protection Regulation (GDPR), that tightened the requirements on how we companies are allowed to process personal data. At LoopMe, we have worked hard to prepare for GDPR, to ensure that we meet our obligations and maintain our transparency about user data and how we use it.
Special features in LoopMe that we have designed to meet the requirements of GDPR
Features for all Group Owners:
- Right to access: As a group owner (administrators) you can easily specify how long data collected within the group should be saved. Information about the group owner's settings in this regard will also be visible to all group members. When the time period expires, all data will be automatically deleted according to the group setting.
- Data portability: LoopMe can help you meet your data portability requirements for GDPR. All group owners are able to extract all data within a group all by downloading a CSV file. It can then be opened in eg Numbers or Excel.
- Right to be forgotten: All group owners can easily remove members from their groups directly on the group page (in the members list).
Features for all LoopMe Users:
If you have questions about particular data, you can contact email@example.com for further information at any time.
- Right to access: You are always able to see all the data that we collected about you as a LoopMe user. The easiest way to find it is to go to your profile page and look into each group you are a member of. There you will find all your sent loops, reports, comments, files etc.
- Right of portability: We will export your account data in a CSV-file at any time upon your request. Just contact us at firstname.lastname@example.org
- Right to rectification: You may access and update your LoopMe account settings at any time to correct or complete your account information. Just contact us at email@example.com.
- Right to be forgotten: You or the group owner can easily remove you as a member of a group. Go to the group's member page, click the menu to the right of your name and select Leave group.You can also completely delete your LoopMe account on your profile page. Just click the Delete Account button.
- Right to object: We strive to get as good user experience as possible when using LoopMe. Therefore, we use the Google Analytics web tool to analyze how our users navigate within the system (both on the web and in our apps). You can choose to refrain from your user data being included in our internal analysis by simply changing the privacy settings on your profile page.
We have updated the agreement with our IT service providers
Strong data protection commitments are an important part of GDPR's requirements. We have updated all our Data Processing Agreements (DPAs) with all our subcontractors to ensure that they share our privacy commitments and specify the terms of LoopMe (Me Analytics) and our customers to meet GDPR requirements.
We have updated our Data Processor Agreements (DPAs)
LoopMe has experience in signing Data Processor Agreements (DPAs) with municipalities and organisations in Sweden. We have now updated our Data Processor Agreement to include the higher requirements that GDPR implies and we have already updated several of our DPAs with the municipalities in Sweden that had previously signed an agreement with us, based on the former Swedish Data Protection Act (PUL).
If you are a controller of personal data for your organisation and want to sign a Data Processor Agreement with LoopMe, please contact our customer service at firstname.lastname@example.org and we will assist you in the process.
Security is a priority for us. We have regular internal audits and bug tests. We’ve built a robust security framework over the past years and reviewing our internal access design to ensure the right people have access to the right level of customer data.
Feel free to reach out to us at email@example.com if you have any questions about LoopMe and GDPR - we’d be happy to chat to you about it.