Customer Thermometer GDPR and CCPA Compliance Statements and FAQ

Last updated: 19 August 2020

Customer Thermometer GDPR Compliance Statement: information for our customers and prospective customers

The EU General Data Protection Regulation (GDPR) is a significant piece of European legislation which came into force in May 2018. It builds on existing data protection laws, strengthening the rights that EU individuals have over their personal data, and creating a single data protection approach across Europe.

Customer Thermometer, as the data processor, has been committed in the delivery of our services to our customers to comply with GDPR from when it came into force on 25th May 2018, working in conjunction with our customers as the data controllers.

Our stance

Customer Thermometer welcomes GDPR and the strong data protection and security principles that it enshrines, many of which Customer Thermometer put in place long before the GDPR was mooted.

Similar to previous legal requirements, compliance with the GDPR requires a partnership between Customer Thermometer and our customers in their use of our software.

Where data controllers are using a third party like Customer Thermometer to process personal data, our ability to fulfil our commitments as a data processor is a part of our compliance with GDPR.   Because of this requirement, Customer Thermometer has worked extensively to ensure that our Terms of Use of use and related agreements, and our relevant policies, contain appropriate provisions for personal data we process or store.

Where are the Updated Privacy Policy and Terms of Use?

Our GDPR preparation started in June 2017, and as part of this process we reviewed and updated all of our internal processes, procedures, data systems, and documentation to ensure that comply with GDPR.

We have now:

  • Updated our Terms of Use to meet the GDPR requirements in order to permit customers to continue to lawfully transfer EU personal data to Customer Thermometer, and permit Customer Thermometer to continue to receive and process that data; Read the updated Terms here.
  • Updated our third-party vendor contracts to meet the requirements of GDPR in order to permit us to continue to lawfully transfer EU personal data to those third parties and permit those third parties to continue to receive and process that data;
  • Updated our Privacy Policy which describes what data we collect and how we use it. If you have specific questions about particular data, you can contact [email protected] for further information at any time. Read the updated Privacy Policy here.

What do you need to do?

As a current or future customer of Customer Thermometer, you are responsible (as the data controller) for ensuring your use of our services is compliant with GDPR and your policies.

Consider these tips:

Get to know GDPR: Familiarise yourself with the provisions of the regulation, particularly how it may differ from your previous data protection obligations and consider the relationships you have with both your customers and staff. Also, note the variance of local provisions which may be superseded by the new regulation.

Audit your data and processes for data capture: Consider creating an updated and precise inventory of personal data that you control. Review your current controls and processes to ensure that they’re adequate, and build a plan to address any gaps. Here are some steps you can take today:

  1. Review your survey program
  2. Review your process documentation
  3. Ensure you have a lawful basis for holding and/or processing the data

Stay informed: Stay abreast of updated regulatory guidance as it is issued.

In summary

At Customer Thermometer, we always want to be one of the best companies our customers have ever worked with. Our customers’ data, and their trust, is of paramount importance to us. We will undertake our processing of data in accordance with our Terms of Use and Privacy Policy, and we will always set the highest bar for ourselves in terms of data protection.

We will keep close to the new legislation as its implementation by the ICO develops, and will keep our customers informed throughout this process.

Customer Thermometer California Consumer Privacy Act (CCPA) Compliance Statement

California residents have the following privacy rights in relation to the Personal Information we collect (to the extent provided for by law and subject to applicable exceptions):

  • The right to know what Personal Information we have collected and how we have used and disclosed that Personal Information;
  • The right to request deletion of your Personal Information; and
  • The right to be free from discrimination relating to the exercise of any of your privacy rights.

Exercising Your Rights: California residents can exercise the above privacy rights by emailing us at: [email protected]

Verification: in order to protect your Personal Information from any unauthorized access or accidental deletion, we will require you, or your Authorized Agent, to confirm your login details before you can submit a request to know or delete any of your Personal Information. If you do not have a user account with Customer Thermometer, or if we suspect fraudulent or malicious activity, we will ask you to provide additional information to verify your identity before taking any action.

Copyright Customer Thermometer 2017-2020. This information is provided for customer guideline purposes only and should not to be relied on for any reason. It is subject to change or removal without notice.