Nudgify is GDPR (General Data Protection Regulation) compliant and provides technology that enables our customers to be GDPR-compliant also. This support page discusses what Nudgify has implemented in order to have a GDPR compliance and how users can manage data subject requests using Nudgify, in particular focusing on how a user can delete data.
We don’t need to collect and process users’ personal information beyond what is required for the functioning of our products. This will never change.
Nudgify has put in place processes and procedures to comply with the various provisions of GDPR—data subject rights, GDPR core principles, data protection addendum, data deletion, data retention, and anonymization, which align with our core values of customer trust and data privacy.
Anonymization by design
From the early stage of the development of Nudgify, we implemented “Anonymisation by design”.
Anonymized data refers to data that is made anonymous in such a way that the registered can no longer be identified. You simply remove the possibilities of identifying a person. No additional information can restore the original information which makes anonymization quite difficult. You completely lose the connection between data and the individual. Nevertheless, it can be a beneficial technique when the data is used for statistical or research purposes.
Anonymization means that you cannot restore the original information, and such data is out of scope of the GDPR.
What makes Nudgify GDPR-compliant?
We have a multi-level approach to ensure the Nudgify GDPR compliance:
- Data Anonymization – Personal data collected during the use of the app is anonymised before aggregation.
- Data Storage – Data collected during the use of the app held by clients locally and not retained on our servers
- Aggregation of Data – Data collected during the use of the app is only used on an aggregate level.
All personal data being anonimyzed, the Nudgify App is out of the scope of GDPR and a Data Processing Agreements (DPA) is not needed.