EFFECTIVE DATE - October 1, 2021
btw has aligned our policies and practices with the General Data Protection Regulation (GDPR). Even if our website visitors and customers might not be based in the EU, their end-users may be, so it is important that btw become GDPR compliant to ensure all our clients are covered. This page provides a high-level summary of our approach to GDPR. Please contact firstname.lastname@example.org with any questions.
btw, as a Data Processor, collects and stores a minimum of Personal Data only as instructed by our Customer, the Data Controller, for the purposes of delivering the btw Services. Additionally, here's a list of processes to ensure we comply with GDPR-
We have in place Data Processing Agreements with all of our sub-processors. We rely on a combination of Privacy Shield Certifications and execution of EU Model Clauses where data is being transferred across borders.
btw customers who enable btw Services on their sites are responsible for the end-user data. btw provides products and services to enable our customers to comply with data requests from their end-users.
Under GDPR, individuals have the right to ask for the right to portability, rectify and be forgotten. btw collects end-user's data on behalf of our customers, any requests regarding accessing/ editing/ deleting end-users data will be forwarded to our customers. We give our customers the mechanisms to access their end-user's data and also comply with relevant data requests. This way, our customers are always in control of their data.
Note that our customer can determine if the request is valid and can be fulfilled. We will take action based on the direction provided by our customer on how to proceed with any such request.
As a processor, btw gives flexibility to our clients to determine their data policies, which offer rights to their end-users. This includes the ability to access / edit/ delete information. We also give the ability to set a routine data deletion process at a cadence determined by the customer.
This page provides a high-level summary of our approach to GDPR. Please contact email@example.com with any questions.