This document details fuzzylime’s obligations and policies as a data processor under the General Data Protection Regulation (GDPR) legislation.
It was last updated on April 25, 2018.
Depending on our agreement with you, fuzzylime may perform one or more of the tasks below:
- We may host your website;
- We may have access to your site to operate in a support capacity.
This means that, under GDPR legislation, we are operating as a data processor.
This document outlines our procedures in those terms. As a client of fuzzylime’s, you will qualify as a data controller – it is your site that is collecting personal data. It is your responsibility to ensure that you have a robust GDPR policy in place in terms of your obligations as a data controller, and that your site fully meets those obligations. While we are happy to help you conduct an audit of this and identify any code that would require to be changed, if this code is custom-built for your site then such changes would count as chargeable work.
We will continue to act as a processor for the duration of time that we are either hosting your site, or have access to the systems powering it to complete our support roles.
What data is being processed?
It is your responsibility as a data controller under GDPR to carry out a full audit of the data you are processing. If you collect any personal data, you should provide us with a summary of what you are collecting through the site.
However, as a broad guide, your site may include one or more of the following.
Mailing list subscriptions: Your site may allow users to enter an email address to subscribe to a mailing list – this list may either be stored within fuzzylime (cms+) or on an external system. Where it is held externally, you would need to agree a contract with the mailing-list provider. Where it is held within the CMS, the only information collected is the user’s email address. Users will be required to confirm their email address before subscription; they will be able to unsubscribe through a one-click link on any email sent to them; alternatively, they can contact you as the site’s operator, in which case you will be able to remove them from the mailing list through the CMS.
Online shop accounts: Your site may include e-commerce functionality. In this instance, your users will be able to provide information such as their name, address, email address and phone number, as well as subscribing to email lists linked to their booking. The system will also store details of which products users have viewed; what products are in their basket; and details of orders they have placed. Users may also be able to request an email notification when an out-of-stock product becomes available; and they may be able to post reviews underneath products. You are able, via the CMS, to delete a user’s account at any point, as well as to amend any incorrect details they make you aware of and any email subscriptions. As standard, the system will hold details of customers, and orders placed, in perpetuity. If a customer requests that their data be deleted, you are able to do this via the Customers area of the system – this will remove stored details about them and their addresses, but will leave orders in place (no longer linked to a customer account). You are also able to provide a full export of their data from the same area of the CMS. Some users may also choose to store card details along with their account – in this instance the only information that is stored would be the last four digits of the card, its brand and expiry date.
Custom-coded member areas: Depending on the specification, your site may include an area that allows users to register, and/or allows you to enter their details, granting access to specific areas of the site. The information that is collected will have been agreed with you at the outset and we endeavour to keep this to a minimum. Users may request to have incorrect information amended – this is something that you will be able to action via the CMS. In cases where they request their data be deleted, in the first instance you would need to assess whether that request was appropriate within your own policies. If you do not currently have the ability to delete data in this way, we will be able to add this for you. Under GDPR legislation, you may also have to provide a system whereby users can extract all the data you hold on them (the “right to data portability”) and we will be able to provide a system to allow you to do this on your request.
Registration for events: Your site might allow visitors – registered or otherwise – to register for a place at an event, either for free or after a payment. In this case we will only collect data that you have requested be asked for – we endeavour to keep this to a minimum. We would recommend that you put in place a procedure to delete details of previous events and bookings after a set period of time and we will be able to facilitate this, either via automated or manual means.
Custom submission forms: You may have asked us to build form-based functionality into your website. This might allow users to submit information, which is sent via email, and/or it may be stored in the site’s database for use through the CMS or for backup purposes. If the information is sent via email, we will not retain any copy of this once it has been sent. Where this data is stored within a database, and a mechanism is not already in place to delete this, we will be able to add this for you.
In all cases, the purpose of processing is to allow you to operate a fully functional website in line with a specification agreed with you. We encrypt data where necessary – for example, all passwords are stored in an encrypted manner, salted and hashed. This means that, even in the event of a data breach, users’ passwords would not be recoverable. We will encrypt any other sensitive information, such as bank details, which you are collecting, and would discuss the implications of collecting this data with you.
Hosting your site
Where fuzzylime is operating as your website’s host, this means that we have access to all the files and databases that make up your site.
We are therefore responsible for ensuring the security of personal data held within your site.
Sites we host are held on UK-based servers operated by the company Linode. You may also wish to review their data protection policies.
As your host, and the administrators of our servers, we will carry out all due diligence to ensure your data remains secure. We act along with our upstream hosts to apply any new security patches as and when these are required. We also work to ensure that all information is encrypted in transmission between your site and your users, and where any sensitive data (such as passwords or bank account information) is held, this will be encrypted. We carry out regular security audits of our servers.
To ensure continuity of service, we take regular backups of sites that we host. These backups are held off-site, on a UK-based AWS server. We hold these backups for up to three months. This means that, if a user requests that their data be amended or deleted, it may remain in a backup in its original form for this period after you have actioned any change – you may wish to ensure this is detailed in your own data protection policies.
If you choose to terminate your hosting contract with us, as detailed above, we hold backups of all our sites for up to three months, after which all copies of the data related to your site that we hold will be deleted permanently. You have the right to request a copy of all personal data at the end of a contract, and we are able to provide this to you up until the point where your contract expires.
Whether we host your site directly or not, it is likely that we will have access to the system to provide support functions. This means that, if your site collects personal data, we will have access to that data.
We will only access personal data held through your site on your specific instruction (i.e. in relation to a specific support query). We will treat this data confidentially, and will not retain any offline copies.
If we do not host your site, you may at some point wish to terminate your agreement with fuzzylime in terms of our providing you with support. In this instance, we would no longer act as a data processor. The data would remain on your web host’s servers.
If our security were to be breached, resulting in data being exposed that could result in a risk for the individuals concerned, we will inform you immediately so that you can communicate with these individuals directly. Notification to individuals concerned must take place within 72 hours.
Unless you have specifically requested it, we will not share any data entered into your site with any other organisation. The exception would be where you had requested your site be integrated with a system such as Salesforce, to which enquiries or membership data might be automatically passed. We will only put in place a system such as this at your specific request and you will need to review a separate agreement with any firms such as these.
Working with you
We confirm that we are willing to assist you in dealing with requests from data subjects – either outlining to you how to make a change/delete a user’s data, or adding functionality if it is not currently available.
We are also able to provide more specific information with regard to an audit of your site, although provision of that information may be chargeable depending on the circumstances.
In the event of any enquiry, we can confirm we will co-operate with the relevant Data Protection Authorities.
If you ask us to process data in a way that would infringe GDPR, we will not be able to do so and we will inform you of the reasons for this.
We have always been firm believers in “privacy by design” and “data minimisation”. As standard, we will only ask users for the minimum amount of data required to provide a service, and we ensure this is held in a safe and secure manner.
If you have any questions about this document, or our policies, please feel free to contact us at firstname.lastname@example.org.