by termsfeed
2991 days ago
Email address + billing address is personal data. The minimum requirements for SaaS would be:

- Having a Privacy Policy. Among other things, specifically identify the Data Controller (you), inform users of their rights (there are 8 rights under GDPR), whether you transfer data internationally (EU>US), and others.
- Getting active consent from users. Under GDPR, you must request a "clear, unambiguous affirmative consent" from users. The "clickwrap" method of design might be good to follow.

We shared a quick "GDPR Compliance Plan" video on YouTube a while ago that might be useful: https://www.youtube.com/watch?v=K2F9HEhTpSg