Forumbee GDPR Compliance
The EU General Data Protection Regulation (GDPR) sets the standard for how companies use and protect EU citizens’ data.
At Forumbee we have prepared for GDPR to ensure that we fulfill its obligations and maintain our transparency about how we process data.
The following features enable our clients to meet their GDPR obligations.
You can edit the Terms and Privacy Policies for your community or link to the policies on your main website. For more information see How to Customize Community Policies.
When relying on consent as your legal basis for processing, the GDPR says the consent you obtain must be freely given, specific, informed, and unambiguous. You also must clearly explain how you plan to use their personal data. We’ve updated the member signup process to help you stay compliant with this law. You can enable a checkbox for opt-in consent and edit the message to explain how and why you are using data. For more information see How to Collect Member Consent.
To comply with community member's request for a copy of their data, a new function has been added to the Administration console. Go to Admin > Users, locate the user and expand their details. Under Data Privacy select Export User Data.
Right to Erasure (Right to be Forgotten)
To comply with community member's request to be deleted/forgotten, you can fully delete the member and all of their data. This function can be accessed directly from the Administration console. See this article for steps to delete a user.
Data Processing Agreement (DPA)
Strong data protection commitments are a key part of GDPR requirements. Our data processing agreement shares our privacy commitments and sets out the terms for Forumbee and our clients to meet GDPR requirements. This is available for clients to sign upon request.
We coordinated with our vendors
We are reviewing all our vendors, assessing their GDPR plans and arranging similar GDPR-ready data processing agreements with them.
We will continue to share information on our progress and help our clients and prospective clients be compliant. Some steps you can take:
- Get familiar with the GDPR requirements and how they affect your company.
- Map out everywhere you process data and carry out a gap analysis.
- Look at your community plans and think about privacy when you’re creating a new community or making changes and updates to your existing community.
- Discuss with your legal counsel about what your company needs to do to.
Feel free to contact us if you have any questions about GDPR - we’d be happy to answer any questions you may have.