The General Data Protection Regulation (GDPR) is the most comprehensive data privacy law formulated by EU in recent history. It will go into effect on May 25, 2018 and affects all organizations that deal with data of European users.
GDPR’s aim is to strengthen data protection laws for people in European Union. It gives control to citizens and residents over their personal data and simplifies the regulatory environment within the EU.
Data privacy has been one of Taskworld’s core values ever since its inception. We are working towards full compliance before it goes into effect. Since it’s a new legislation, we have been in constant touch with our attorneys in Germany to ensure our implementation is spot on.
This document highlights steps that we’ve already taken and that are still in progress to comply with GDPR:
1. Appointment of dedicated Data Protection Officer - Done
We have appointed Mr. Joshua Cordero as our chief Data Protection Officer. You can personally reach out to him at email@example.com
2. International data transfer (Privacy Shield certification) - Done
Taskworld Inc is a certified member of EU-US privacy shield. Taskworld adheres to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement for personal data submitted by our customers in participating European countries. Please visit www.privacyshield.gov
to learn more about protecting your privacy. You can view our privacy shield certification here
3. Disclosure of third party tools - Done
At Taskworld we use third party software that enable us to provide you great service. We also use these tools to monitor our analytics in order to continuously improve our software. We do not sell user data to any third party software.
Following is a list of all the third party tools that we use:
- Intercom - Feature announcements, in-app messaging and informing users about updates
- Zendesk - Receiving, forwarding and answering support tickets. (includes Round Robin app integration)
- SendGrid - Sending email notifications for Taskworld
- Pipedrive - CRM tool used by our sales team
- Amplitude - Analytical tool used to study feature usage. All user data is anonymized.
- Google analytical tools - Includes Google Tag Manager to study Adwords related data. All data is anonymized.
- Chargedesk - Payment tool used for invoicing, bill tracking and refunds
- Braintree - Payment gateway that allows users to pay for their subscription
- Paypal - Alternate payment gateway that allows users to pay for their subscription
- Apple Store - Push notifications on iOS mobile devices
- Google Play - Push notifications on android mobile devices
- Box - In app integration with box.com for file storage
- Dropbox - In app integration with dropbox.com for file storage
- Google APIs - In app integration with Google drive
- Gmail - For client/support communication
- Github - Source code for the Taskworld application and infrastructure is stored on GitHub. This doesn’t include customer data.
- CircleCI - Building, testing and deploying the app automatically. CircleCI has access to part of our production infrastructure for the purpose of deploying new versions of the app.
- AWS (Amazon Web Services) - AWS hosts our production infrastructure (cloud and VPC). This also includes AWS Lambda.
- DigitalOcean - For automated build-test-deploy cycle. No customer data is stored on DigitalOcean.
- Firebase - Similar to DigitalOcean, part of our internal tooling is hosted on Firebase. This doesn’t include customer data as well.
- AskNicely - NPS (Net Promoter Score) survey and user feedback
- Sentry - Code error reporting
- Hotjar - Website tracking tool that help Taskworld enhance the site visitors browsing experience by understanding what users want, care about and interact with on our site by means of heatmaps and click tracking
4. Building data management tools - Done
Our engineers are currently working on creating tools that will provide additional data management options to Taskworld users, such as:
- Permanently deleting data on Taskworld
- Delete user data on third party applications post Taskworld account deletion.
- GDPR consent modal during onboarding
- Toggle switch for third party services in workspace settings
If you have any questions or would like to learn more about Taskworld’s commitment to GDPR, please send an email on firstname.lastname@example.org