Konso’s GDPR compliance
Feb 1, 2022
Konso is committed to privacy, security, compliance and transparency. This approach includes supporting our customers' compliance with EU data protection requirements, including those set out in the General Data Protection Regulation (GDPR), which became enforceable on May 25th, 2018.
What is GDPR?
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU).
To Whom Does the GDPR Apply?
Directly, Konso does not collect EU citizen personal data in anyway.
However, one way in which the personal data of an EU citizen could be collected when using Konso is when Konso's clients stream log, metrics other data streamed to Konso containing personal data. Not all customers will be “data subjects”, as data subjects are only individuals. Some of your customers may be businesses or government organizations, which the GDPR does not apply to.
So, how about GDPR compliance?
As an organization, Konso has always implemented and practiced processes which ensure that customer data is stored and processed in ways necessary only to serve our customers in the best possible way. Our privacy, security and data storage policies are also streamlined with the GDPR goals and objectives.
- We do not collect any private data except of "Email", "First name" and "Last name" upon registration. We use this data for communication and/or important notifications.
- We do not transfer, share, sell or give this data to any 3rd party companies
- We are not responsible for what kind of data is collected by our clients
- We do not transfer, sell or give client's data to any 3rd party company
- We do not analyse, process or report client's data except of aggregations presented Konso app or exposed by Konso API, which can be accessed only with permission.
- We do allow clients to anonymize collected data
- We do allow clients data to be completely removed from our servers
- We are not GDPR compliant yet, however we are working on the topic