As we navigate the digital era, data security has become more important than ever. At RAYNET, we take protecting your personal data very seriously. Trust is at the heart of what we do, and we want to earn yours. That is why we have adopted the General Data Protection Regulation (GDPR) — one of the world's strictest data protection frameworks — as our guiding principle. Whether you are located in the European Union or not, we believe in providing everyone with the same level of data protection.
What is the GDPR all about?
Before we get into the specifics of how we ensure your data's safety, let's take a look at what the GDPR is in general. It's a regulation brought forth by the European Union in 2018 in order to protect the personal data of its residents. It provides a comprehensive set of rules for businesses, making sure they handle personal data responsibly and transparently.
The GDPR gives you, as an individual, a series of rights regarding your personal data, like:
- The right to be informed: Why, how, for how long, who, which. These are some of the questions you have the right to ask in relation to the processing of your data.
- The right of access: You have the right to access your data and know how it's being used.
- The right to rectification: If you find your data to be outdated or inaccurate, you can demand a correction.
- The right to erasure: Also known as 'the right to be forgotten'.
- The right to restriction of processing: You can ask for your data not to be processed.
- The right to data portability: You have the right to transfer your data from one service provider to another.
- The Right to object: You can say no to your data being processed for specific purposes.
- Rights related to automated decision-making and profiling: Protects you from potentially damaging decisions made without human intervention.
GDPR: The most rigorous data protection regulation
The GDPR is considered the strictest data protection regulation out there. So, what sets it apart from others, like those in the United States, for example?
One of the key differences lies in the scope of protection. Unlike US laws, which tend to be sector-specific — for instance, the Health Insurance Portability and Accountability Act (HIPAA) for healthcare data and the Gramm-Leach-Bliley Act (GLBA) for financial data — the GDPR is a comprehensive regulation that applies to all sectors and industries.
Also, the GDPR is all about the "opt-in" approach. A business needs your explicit consent before it can process personal data. This is significantly different from many US laws that adopt an "opt-out" approach, meaning businesses can process data until the individual objects.
Another critical part of the GDPR is that it applies to all businesses that process the personal data of EU residents, regardless of where that business is located. This is quite different from US laws, which mainly apply to US businesses or those with strong ties to the US.
We have not forgotten about other important regulations. Although they are not considered to be as strict as the GDPR, we also included some of the other regulations in our Privacy Policy and our DPA, that put an emphasis on certain points. Namely, the California Consumer Privacy Act (CCPA), to make it crystal clear that we do not sell your personal information, and Singapore's Personal Data Protection Act (PDPA) to provide the same level of protection to Singapore citizens and specify the terminology present in this regulation.
Finally, the GDPR is unrelenting when it comes to non-compliance. The penalties can be substantial, enough to make any company think twice before taking data protection lightly.
Our commitment to protecting your data 🛡️
Now that we've talked about why GDPR is such a critical regulation, let's take a look at how we are committed to protecting not only personal data we've collect about you, but also the data you put into our CRM system.
First up, we have incorporated "privacy by design” and “privacy by default" principles into RAYNET CRM. This means our CRM software is built with data protection at its core, and the default settings are the most privacy-friendly they can be. We make sure that personal data is only processed when necessary and that it's adequately protected every step of the way.
Next, we're all about data minimization. We only collect and process the data that is absolutely necessary for us to provide our services. This is in line with the GDPR's requirement that data collection should be adequate, relevant, and limited to what is necessary in relation to the purposes of processing.
We have implemented strong security measures to protect your data from unauthorized access, alteration, disclosure, or destruction. These measures include:
- a secure data center,
- regular backups,
- SSL/TLS encryption,
- regular security audits,
- and many more…
🔒 Read more about all security measures in our Privacy Policy, Section 9 and our DPA, Annex B.
We respect and uphold your rights under the GDPR. This means that you can:
- request access to your data,
- rectify incorrect data,
- delete your data,
- restrict processing of your data,
- transfer your data to a different service provider,
- object to the processing of your data.
Our Privacy Policy is transparent and easy to understand. It tells you how we collect, use, and protect your personal data. It's always accessible on our website, and we update it regularly to reflect any changes to our data processing practices. The same goes for our DPA.
As part of our commitment to GDPR compliance, we've appointed a Data Protection Officer (DPO). The DPO's job is to make sure we're sticking to our data protection strategy and staying compliant with GDPR requirements. If you have any questions or concerns about how we handle data protection, contact our DPO at dpo@raynetcrm.com.
🇨🇿 Find out more about why we have decided to change things up in our Terms of Service, Privacy Policy and Data Processing Agreement in our article We are moving to the Czech Republic.
Wrapping it up
In a time when data breaches are becoming increasingly common, we understand the importance of taking proactive steps to keep your personal data safe. That's why we have chosen to align our practices with the GDPR — the gold standard for data protection.
No matter where you are located 🌐, we believe that you deserve the highest level of data protection. Even if the GDPR doesn't legally apply to you, we apply its principles because we value your privacy and trust. We want you to be confident that your data is safe and secure with us. When it comes to data protection, we don't just comply — we go above and beyond. Our commitment to GDPR compliance is not a one-time effort, but a continuous journey. We regularly review and update our practices, invest in the latest security technologies, and train our employees on data protection best practices.
Because at the end of the day, your trust is our most valuable asset, and we are dedicated to protecting it. 💙
