ACME's Policy in regard to GDPR
Please read below for information on General Data Protection Regulations (GDPR) and how ACME stays organized and in compliance with this policy.
In the event that a request is received to remove a customer record from our database, the following steps are executed:
ACME Product Support will notify the requester that we have received this request and will remove the customer’s data within the next 30 days. A Product Support case will be created for tracking purposes.
If the request is sent to ACME via one of our clients on the behalf of a consumer, we will communicate back to the client, who will be responsible for communicating directly with the consumer.
If the request is sent to ACME directly by a consumer, we are required to communicate directly with them (Article 12, section 3).
Once the customer data has been anonymized in ACME, Product Support will update the support case to inform you that the request is complete. We recommend you also remove the customer data from other relevant databases within your organization and follow up directly with the individual who initiated the request to let them know the data has been removed.
How ACME anonymizes data
The data that has been requested to be removed will be anonymized in the ACME database and replaced with a random alphanumeric strand. Please note, any other systems (Salesforce, Raiser's Edge) connected to ACME via APIs with automatic or manual sync will be updated with this new anonymized data once that sync occurs.
Examples:
- Order
- Before anonymization
After anonymization
- Before anonymization
Membership
- Before anonymization
After anonymization
- Before anonymization
Customer
- Before anonymization
- After anonymization
- Before anonymization
About GDPR
The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals based off of seven key principles:
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimization
- Accuracy
- Storage limitation
- Integrity and confidentiality (security)
- Accountability