General Data Protection Regulation (GDPR) is a regulation approved by the EU that aims to give back control of individuals data for all individuals within the European Union. In its essence, this regulation strengthens the rights of EU individuals regarding how their personal data is used & collected. In case you are either an individual within the EU or business either in the EU or conducting business with EU citizens you are under the scope of this new regulation.
onCosmetics’s commitment to GDPR
At onCosmetics we take GDPR seriously and we know our customers take it too so over the past months we have been working hard to make sure that we are fully compliant and that all our customers can use onCosmetics to grow their business within the new GDPR regulations.
Here are a few things we have done:
– Implemented Data Subject Requests procedures
– Created a Data Processing Agreement
– Implemented a Lead Fencing Mechanism for EU
– Acquired a Privacy Shield Certification
It is important to note that while onCosmetics is committed to assisting all our customers as a ‘data processor’, it remains the Customer’s responsibility, as the “data controller”, to ensure that it has a legal basis (be that legitimate interest, consent, or other lawful basis for contacting) to properly collect and use the data. As the “data processor”, we depend on our Customers to adhere to their own responsibilities as far as how they communicate with customers/prospects.
For example, if onCosmetics is used to find and target EU individuals via email, it is the Customer that assumes the risk in guaranteeing that the outreach is made under a lawful basis for contacting.
Implemented Data Subject Requests procedures
We’ve created mechanisms to help our Customers address Data Subject Access Requests. If our Customers receive a (DSAR) it is treated in accordance to an established process that guarantees the requests are met within the timeframe defined on GDPR’s: The right of access (Articles 12 and 15 and Recital 63) all within onCosmetics.
If you are an onCosmetics user and want to access, correct or delete your information, you can do it in the settings page of your onCosmetics dashboard. If you have any more data requirements that are not met there you can contact [email protected]. If you are a previous user you also can update your Personal Information by contacting us at [email protected].
If you are not a user but want to know if your data is in our database feel free to email us at [email protected]. We will inform if we are processing your publicly-available data, what data we may possess and how to edit or delete that data.
Created a Data Processing Agreement
To the extent that onCosmetics processes any Personal Data that is subject to the European General Data Protection Regulation (GDPR), on the Client’s behalf, we’ve added a Data Processing Agreement which provides adequate safeguards in respect to the services provided.
Implemented a Lead Fencing Mechanism for EU
To mitigate our Customers’ concerns about contacting prospects located in the EU, we’ve enabled features that allow them to select a prospect based on the individual’s location. This means that any Customer that wishes to avoid contacting prospects located in the EU can do so within onCosmetics.
Acquired a Privacy Shield Certification
The EU-US / Swiss-US Privacy Shield framework was designed to provide companies with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States.
Data we may be collecting
onCosmetics does not provide or collect consumer-focused data such as age, health, web browsing history, health records, or economic status, nor does it collect any information that may be deemed as sensitive information.