Riter and GDPR - Agile Blog - Riter

Riter and GDPR

At Riter, we welcome the adoption of new data protection standards so as nothing is more important to us than the success and safety of our customers. Regardless of your location and nationality, we strive to ensure the safety of your data at the highest level. We don’t care, whether you are from EU, USA, or somewhere else, we provide equal rights to all our customers and do not look for loopholes in the law. This post outlines several steps which we have recently taken to ensure Riter compliance with the GDPR.

What is GDPR?

The EU General Data Protection Regulation (GDPR) is a new privacy regulation that has replaced the 1995 EU Data Protection Directive. It went into effect on May 25, 2018, and introduced additional data privacy rights for individuals, including regulations for how data should be collected, used, shared, and secured.

In short, the GDPR is a new set of rules designed to give EU citizens more control over their personal data. The GDPR may apply to companies that process the personal data of European individuals and to companies that do not have any presence in the EU but target the European market. The GDPR is designed to strengthen the security of personal data, as well as provide businesses with a structured framework on how to collect, process, use, and share personal data.

Additional information may be found on the official GDPR website of the European Union.

Is Riter GDPR-compatible?

Yes. Riter is committed to compliance with the GDPR. We have taken a number of steps necessary to meet the standard and we are not going to stop there. As part of our policy, we aim to tell our customers about our actions in connection with the GDPR.

Steps taken by Riter to meet GDPR

During the last year, we actively collaborated with our lawyers, security specialists, designers, and developers to make our product and our company in line with the GDPR. As part of our company policy, we’ve taken the following steps:

  • We have revised our Terms of Service, Privacy Policy and Cookie Policy to support the GDPR requirements.
  • We have put on the place all the internal procedures, processes and controls to ensure our workflow compliance with the GDPR.
  • We have conducted appropriate training and education for our employees to ensure our team’s awareness of all the principles of GDPR.
  • We have appointed a Data Protection Office (DPO).
  • We have reviewed and strengthened our security infrastructure, data processing, encryption, backup, monitoring, and security alerts.
  • We have introduced regular risk assessment to ensure any data is processed and managed according to the GDPR instructions.
  • We have examined all third-party services used for GDPR compliance.
  • We have turned on IP anonymization in Google Analytics; provided contact information required about our company, controllers, processors, data protection officer.
  • We have allocated the necessary resources to respond to user requests regarding the exercise of their rights provided by the GDPR.
  • We have reviewed, updated and developed additional product features to satisfy GDPR requirements.

Next steps regarding data privacy

We will continue to monitor and support data privacy standards and recommendations to make our product reliable and compliant with international safety criteria. New threats appear every day, and we try to use the latest technologies for your protection.

Regarding the GDPR (but not limited to it), we will continue to:

  • Invest in our security infrastructure.
  • Develop our product and capabilities of our customers, including but not limited to data processing, data portability, data management, and data protection.
  • Expand our contacts with security experts, lawyers, representatives in EU.

Do we process personal data of our customers?

Yes, we process your personal data to provide our services and for other specified purposes described in our Terms of Service and Privacy Policy.

Your rights in relation to GDPR

The GDPR strengthens data processing requirements for companies and expands user rights. At Riter, we are committed to helping you learn more about them:

  1. Right to be informed
  2. Right of access
  3. Right to rectification
  4. Right to erasure
  5. Right to restrict processing
  6. Right to data portability
  7. Right to object

If some rights do not make sense to you, or you are not sure how to use them, you can find a detailed description in our Privacy Policy or on the official GDPR website. In many cases, you may use one of provided by Riter features to exercise your rights. However, if you can’t understand how to do this or this is not possible, please contact us to request assistance with any such rights requests. We assure you that all your rights will be realized shortly, in a transparent and fair manner.

Do we have a Data Protection Officer (DPO) appointed?

Yes. We have appointed Eugene Ignatov as our Data Protection Officer, for monitoring and advising on Riter’s ongoing Privacy compliance with GDPR and other data protection standards. He is qualified and knowledgeable enough in data protection and GDPR to deal with all related questions. The DPO serves as a point of contact on all Privacy issues for Riter team, our customers and supervisory authorities. You can contact our DPO at dpo@riter.co with any difficulties in this regard, ask for additional explanation and advice.

Are we storing data outside of the EU?

Yes. GDPR does not prevent companies from storing customers’ data outside of the EU. However, we only use reliable third-party servers and services which are GDPR compliant. In particular, we use Google Analytics which stores collected statistical data in the United States. Like Riter, Google Analytics has announced that it is ready to GDPR.

What about all the data which you provide to us directly or which we collect automatically by ourselves, we store it in AWS (Amazon Web Services) data centers, which are located in Germany. AWS is also the GDPR complaint.

Have other questions? Contact us!

If you have any additional questions or comments about the GDPR and our Privacy Policy, you are welcome to write to us at dpo@riter.co or via the contact form on our website.