GDPR, or the General Data Protection Regulation, is a new framework of rules and compliance obligations governing how businesses can collect, use, and share data from consumers within the EU. Even if a business is not based within the EU, they must follow the new rules if any of their customers are EU citizens. The GDPR is designed to empower consumers and their privacy by requiring companies to explain how and what data is being used by the organization. Additionally, the framework assures a level of security and privacy by requiring companies to appropriately safeguard protected data.
- How is Recharge affected?
- What has Recharge done to prepare for the GDPR?
- Will Recharge enter into a Data Processing Agreement with its merchants?
How is Recharge affected?
Recharge provides services to merchants across the globe, many of whom reside within the EU themselves or work with customers who do. The GDPR framework requires compliance not just from the merchant, but any company with whom the merchant chooses to engage if that work includes processing data from EU customers. In this case, since Recharge provides payment processing for merchants, Recharge must be in compliance in order to ensure their EU Merchants are also compliant.
What has Recharge done to prepare for the GDPR?
Recharge has been hard at work to ensure full GDPR compliance by the May 25, 2018 deadline.
Activities Recharge has undertaken include:
- Engaged external GDPR experts to ensure the regulation is being followed to its full extent.
- Re-worked Recharge’s Terms of Service and Privacy policies to include new language referencing GDPR.
- Reviewed contractual agreements with vendors and processors with which Recharge does business to assess their compliance.
- Begun GDPR-focused training to Recharge staff who work with protected data on a day-to-day basis.
- Created and documented new procedures to ensure Recharge’s current workflow satisfies the new regulations.
- Developed a Data Protection Impact Assessment process to evaluate and mitigate security and privacy risks as they evolve.
- Evaluated Recharge’s current state as it relates to the data it processes on behalf of its merchants.
Will Recharge enter into a Data Processing Agreement with its merchants?