iXpole’s commitment to GDPR
Those who know us well -our customers in particular- know that it is iXpole’s mission to optimise your business processes. The iXpole platform strives to help you achieve optimal efficiency. But -to use the words of one of our customers- “a fool with a tool is still a fool”. Meaning that -thanks to iXpole- our customers have been forced to inventorise, align and optimise their processes, turning them into a leaner, more mature and truly professional organisation.
Of course we also practise what we preach. We also use and align our CRM with our ERP and try as much as possible to centralise all our information. As a consequence, the impact of GDPR on iXpole is not enormous. We know exactly where we store which personal data. We only store and process personal data with legal reasons and do not store any excess data. We know what the business purpose is and will ensure we take the necessary measures to ensure your privacy. GDPR is a logical step in any organisation that strives to offer its customers the best experiences possible.
So where is iXpole concretely in its efforts towards GDPR compliance?
- We took the inventory of all personal data we process. Not only customer or prospect data, but also personnel, suppliers and other parties we interact with. For all categories we have determined the processing activity, the processing objective, categories of people involved, storage duration, legal base for processing etc… This data processing registry is at the core of all our future activities and will be kept up to date accordingly.
- By means of this post we are not only requesting your permission for automated processing of your data for further update mails and other information related to our activities or new features. We also like to inform you of your rights. The right of information (check!), the right of access, the right of rectification, the right to delete, the right to be forgotten, the right to limit the use of your data, and all other rights applicable under the GDPR. We are not that big a company. Just contact anyone in the team and we’ll assist you further with the exercise of your privacy rights.
- Customer satisfaction is one of our core values at iXpole. Every employee is committed to this value and all of its consequences. GDPR is a logical consequence, nevertheless, we have increased the awareness internally about your rights and our obligations.
- Last but not least we ensure that we take the proper measures with regard to internal policies and data processing tools, like screen locks, authentication to data sources and encryption of data.
What about your GDPR compliance using iXpole
Thus far for our commitment to your privacy. But clubs use iXpole to process data of their customers. So what about GDPR compliance of the iXpole tool?
iXpole is the technical service provider. We make sure that from a technical point of view all risks are mitigated, through encryption, opt-out fields etc. The processes around the use of iXpole remain of course the responsibility of our customers.
Did you know?
- We have integrated Google authenticator in our backoffice logon process. Any club can optionally decide to activate this 2nd factor authentication method, thus reducing the risk of data breaches. When we announced the feature, no one really understood why we offered it. We assume that with the increased GDPR awareness, this will change. Contact firstname.lastname@example.org if you want to know more about strong authentication.
- Although we are a cloud solution, we create a separate logical instance for each of our clubs, meaning that -even due to a bug- it is impossible to have one club accidentally access the data of another club. Rest assured. Your data is separated on a different instance of iXpole. If you’d like more information about these technical matters, don’t hesitate to contact email@example.com