Participate is GDPR compliant, as we provide services internationally and have chosen to comply with the standards required for organizations operating within the European Union. The best and most comprehensive source of information describing when and how user data is collected, which personal data is collected, and how that data may be shared is our Participate, Inc. Privacy Policy.
_________________________________________________________________

Ways in which we comply with GDPR requirements: 

  1. Lawful, fair and transparent processing - we only use user data for purposes related to their experience on our platform, and we provide clear and transparent explanations of how user data is accessed and utilized.
  2.  Limitation of purpose, data and storage - no personal data, other than what is necessary, be requested, and user data is deleted deleted once the legitimate purpose for which it was collected is fulfilled.
  3. Data subject rights - users have the right to ask how their data will be used.
  4. Consent - clear and explicit consent must be asked from each user. Once collected, this consent must be documented, and all users are allowed to withdraw his consent at any moment.
  5. Personal data breaches -  Participate maintains a Personal Data Breach Register to document any cases of data breaches, and users will be informed of any data breaches within 72 hours of identifying the breach.
  6. Privacy by Design - Participate utilizes technical mechanisms to protect personal data in the design of our systems and processes, by default.
  7. Data Protection Impact Assessment - Participate conducts a Data Protection Impact Assessment when initiating a new significant changes or products, relating to processing of personal data.
  8.  Data transfers - Participate ensures that personal data is protected and GDPR requirements respected, even if processing is being done by a third party. 
  9.  Timely personal data deletion - if a user requests to have their account and all personally identifying data deleted from our platform, the Participate follows the GDPR "right to be forgotten" and "storage limitation" principles, in that we notify the user of the action planned (within 30 days, usually within 24 hours) to ensure that the deletion request is honored without undue delay.
  10. Awareness and training - Participate creates awareness among its employees about key GDPR requirements.

*If you have questions or need assistance, contact our Support Team at support@participate.com or use the chat icon on the bottom-right corner of any page.

Did this answer your question?