GDPR compliance

Need help? Please give a detailed explanation of your problem.
Post Reply
User avatar
Agalassi1792
AllPro Expert
AllPro Expert
Posts: 510
meble kuchenne Mikołów Knurów Czechowice-Dziedzice
Joined: Tue Nov 18, 2014 12:42 pm
Website: apwt.bluezenith.com

GDPR compliance

Post by Agalassi1792 »

Hello,

With GDPR compliance quickly approaching, we were wondering if APWT has put any policies in place to help make their sites compliant. This new law would effect anyone selling to Europe, and we have some clients that do do business with European countries, namely a self-publisher. Here's an article that she forwarded to us about it, and this article mainly discusses the privacy policy and updates to that:

https://www.selfpublishingreview.com/20 ... -template/

Let us know, thanks!
User avatar
Dave
Support Team
Support Team
Posts: 1221
Joined: Wed May 11, 2011 10:30 am
Website: www.allprowebtools.com
Contact:

Re: GDPR compliance

Post by Dave »

The GDPR law covers a wide number of business processes and procedures that are best evaluated by legal counsel with knowledge specific to YOUR business. It will be very difficult to find any person or website that can provide a "one size fits all" answer to how your business can be assured to be compliant with the GDPR.

Many of the requirements of the GDPR relate to internal company procedures that do not specifically relate to your website or CRM or anything else that would relate to your use of AllProWebTools. Some requirements of the GDPR do however relate to your use of AllProWebTools.

AllProWebTools provides an online tool that your business can use to manage your business, but we do not provide any legal advise.

Here are a few items that may help you understand how to make changes to your website as recommended by your legal counsel in response to the GDPR.
How do I add SSL to my AllProWebTools website?
It only takes a few clicks, just find "SSL" in the list of available webtools. Here is a video that explains how:


How do I change my Terms of Service and/or Privacy Policy?
Here is a video that answers this question:


How do I add a notification that my website is collecting personal information?
Here is a video that answers this question:


Right to be forgotten
It is important that you contact our Support Team to properly remove all stored personal information when your company receives a request to be forgotten. Simply "Deleting" a contact record from your CRM will not remove all identying information that was stored in the AllProWebTools system.
Data breach response
AllProWebTools will notify affected customers without undue delay if we become aware of a data breach of our services.

Our Privacy Policy will be updated soon with additional information, you can read it here: https://www.allprowebtools.com/AllProWe ... cy-Policy/
User avatar
Agalassi1792
AllPro Expert
AllPro Expert
Posts: 510
Joined: Tue Nov 18, 2014 12:42 pm
Website: apwt.bluezenith.com

Re: GDPR compliance

Post by Agalassi1792 »

Hi Dave,

Thanks so much for your thorough explanation. This all makes sense. I'll go through these as needed.

Thanks again!
Dgalassi1792
AllPro Expert
AllPro Expert
Posts: 68
Joined: Tue Jun 09, 2015 2:09 pm
Website: apwt.bluezenith.com

Re: GDPR compliance

Post by Dgalassi1792 »

Hi! I have a few clarifying questions regarding GDPR.
1. when logging into APWT account, are any cookies created to keep someone logged in? If so, how long does that cookie remain valid before expiring?
There are a number of cookies set from a number of different services when logging in. As of this writing, these services include cloudflare, comm100, PHP, and apache. As of this writing, the cookie that is set to keep a user logged in lasts for 1 hour.
2. Any blog comments or customer product reviews that someone leaves, are they required to create an account within the APWT site? Is a CRM record created with those actions?
No account is needed to leave a blog comment or product review. There is an option available to require users to use their Facebook login to leave a blog comment or you can choose to disable this.
3. Do blog comments on an APWT blog use Gravitar in any ways to provide a blog comment image?
As of this writing, AllProWebTools does not use Gravitar for blog comment images.
4. Product purchases and invoice payments all create a client account. That information is stored internally as a CRM record. If anyone asks for their information to be deleted, a request needs to be made to the APWT team to be completely delete that particular CRM record, right? Just needing to understand the process.
Yes, you can contact AllProWebTools Support directly to request assistance with this.
5. Does filling in a Contact form create a CRM record?
Yes, filling out a contact form (also commonly known as a signup box or lead form) creates a CRM record which will contain whatever information that was entered into the contact form. This includes any custom fields that you have created in your AllProWebTools account. This will also include the users IP address.
6. What else should I know about what actions create an account within AllProWebTools and what causes a CRM record to be created so I know how to manage if someone requests their information to be deleted. I would like to better understand what creates accounts or CRM records to begin understanding how to explain this to clients.
As of this writing, A CRM record is created or updated in AllProWebTools under the following conditions:
  • Signup Box filled out
  • New User account created
  • New CRM entry created
  • CSV Import of users
  • New email received with the CRM Email Inbox WebTool
Thank you for your help with this!

It is our pleasure to help you understand more about AllProWebTools. We are committed to continuing to assist our users as they work to comply with the new EU GDPR Law.
Dgalassi1792
AllPro Expert
AllPro Expert
Posts: 68
Joined: Tue Jun 09, 2015 2:09 pm
Website: apwt.bluezenith.com

Re: GDPR compliance

Post by Dgalassi1792 »

Thank you for this information! Its exactly what my cleints need to provide to a lawyer to help craft the proper Privacy Policy.
Dgalassi1792
AllPro Expert
AllPro Expert
Posts: 68
Joined: Tue Jun 09, 2015 2:09 pm
Website: apwt.bluezenith.com

Re: GDPR compliance

Post by Dgalassi1792 »

Hi all!

I have one more question regarding cookies and how they are used during the login process into the AllProWebTools accounts - for clients as they purchase, to users as they login. WordPress provided a generic way that cookies operate in a GDPR compliant cookies section of a privacy policy. After reviewing your replies, I wanted to confirm that the words specified here (below) are true and correct as to the way that the technology works. I want to make sure that the words match the technology. Here's the words -- what I'm asking is.... each paragraph below has specifics of how the cookies operate from the AllProWebTools login process. Can you confirm that this is correct? Is everything said in the below two paragraphs true and correct? Any updates to this so that it better reflects the true process would be greatly appreciated. I've bolded the sections that I wanted to confirm with you.

Thank you!


Cookies
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last up to two days, and screen options cookies last for a year. If you select “Remember Me”, your username will persist for two weeks. If you log out of your account, the login cookies will be removed.
User avatar
Dave
Support Team
Support Team
Posts: 1221
Joined: Wed May 11, 2011 10:30 am
Website: www.allprowebtools.com
Contact:

Re: GDPR compliance

Post by Dave »

The following 2 quotes do not apply to AllProWebTools in any way:
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last up to two days, and screen options cookies last for a year. If you select “Remember Me”, your username will persist for two weeks. If you log out of your account, the login cookies will be removed.
AllProWebTools sets a single session cookie upon successful login that expires upon logout. Even if the session was copied and saved by the user, all session data is automatically purged on our servers every 60 minutes. This applies to both AllProWebTools subscribers and their customers who login to access to their account info.
Post Reply