Waitwhile wholeheartedly support the privacy rights of our customers and our users and have fully implemented the required steps for GDPR compliance. Those include:
- Review of the data we collect, as well as the reasons for why we collect it
- Updated processes for getting consent from users
- Updated processes for deletion and exporting of personal information
- Minimization of data retention and de-personalization of data where possible and/or required
Waitwhile's Role in GDPR Compliance
Waitwhile is acting both as a Data Controller and as a Data Processor within the realm of GDPR compliance:
- As a Data Controller, Waitwhile is responsible for safeguarding the data of our customers as they interact directly with our services.
- As a Data Processor, Waitwhile is responsible for safeguarding the data of our partners' and customers' users as it flows through our system.
Customer's and Partner's Role in GDPR Compliance
As a Waitwhile customer or partner, you are a Data Controller and Waitwhile is acting as your Data Processor for your users. In this respect, you’ll want to take the following steps to comply with GDPR:
- If you have customers in the EU or need to be GDPR compliant, you may additionally request to sign our Data Processor Agreement. This is valid for both customers and partners. See below about our DPA.
- Perform your own research, modeling, vendor audit, and strategy steps at your company to ensure you understand GDPR as it applies to your business.
- Be thinking about how you’ll handle consent. You should not store or work with users' data without proper consent.
Data Processor Agreement
If you are a partner or a customer who needs need to further documentation of compliance with Waitwhile acting as a Processor (for example, as a customer who processes their own user's data through Waitwhile or as a partner who integrates directly with Waitwhile) you can sign our DPA by contacting us at firstname.lastname@example.org.