Is Goldie GDPR compliant?

Goldie works to ensure that we are always operating and handling data in compliance with GDPR and other regulations.

Our team at Goldie takes various actions to ensure the security of your data and our compliance with all applicable regulations.

• We maintain an updated Privacy Policy.
• We provide a way for businesses to request an export of data from their Goldie account or request permanent account deletion.
• We require users’ clients to opt-in to receive marketing messages via email or push notifications.
  • Note: your users’ customers will continue to receive service-related messages, regardless of their opt-in status.
• We have a Data Protection Officer (DPO) who is responsible for ensuring data compliance.
• We’ve tightened up internal access policies so the right people have the right access to customer data within Goldie.
• We’re ensuring that our providers (such as Sendgrid and Vonage/Nexmo) are GDPR compliant.
  
  

Exporting and deleting your information

You can easily export a copy of your account data/information or delete your account from Goldie at any time by taking the following steps:

1. Open Goldie (and ensure you are logged into your account)
   
2. Tap the Menu (☰) in the top left corner
3. Tap on the section containing your email and photo (towards the bottom of the menu; this will open your account settings page)
4. Tap the option to “Export data” or “Delete account.”
5. Enter your password to confirm your credentials
   1. For data exports, you will receive an email to the address associated with your Goldie account that contains a link to download your data.
   2. For deletions, you will need to confirm the deletion of your account, as the action cannot be undone.

Information about GDPR

The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. It also addresses the export of personal data outside the EU.

According to the GDPR, personal data must be processed in a way that meets six key data protection principles:

1. Processed lawfully, fairly, and transparently and should only be used in a way that a person would reasonably expect.
2. Collected only for specific legitimate purposes and used for those purposes only.
3. Adequate, relevant, and limited to what is necessary. No more than the minimum amount of data should be kept for specific processing.
4. It must be accurate and kept up to date.
5. Stored only as long as is necessary and no longer.
6. Ensure appropriate security, integrity, and confidentiality. Data should be processed “in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures” (article 5, clause 1f).

GDPR notes that organizations should implement an opt-in policy and have a data subject’s consent to process their personal data. People covered by the GDPR have the right to access their own personal data, get a copy of their data, ask for an update, deletion, or their data to be moved to another organization. 

For more information about GDPR, visit the GDPR website.

Still can’t find what you’re looking for? Return to the Help Center homepage to search for additional articles or reach out to us - we’re always here to help.