Effective Date: May 1st, 2022
The purpose of this document is to address relevant topics and questions linked to GDPR and how it influences ClickGUARD’s customers.It’s given in an understandable FAQ format and references relevant documents.
What is the GDPR?
Passed in 2016, the new General Data Protection Regulation (GDPR) is the single most significant legislative change in EU data protection laws that replaced the 1995 EU Data Protection Directive on May 25th, 2018. Itseeks to strengthen the security and protection of personal data in the EU andserve as a single piece of legislation for all of the EU.
Data protection laws govern the way that businesses collect, use, and sharepersonal data about individuals. Among other things, they require businesses toprocess an individual’s personal data fairly and lawfully, allow individuals toexercise legal rights in respect of their personal data (for example, toaccess, correct or delete their personal data), and ensure appropriate securityprotections are put in place to protect the personal data they process.
ClickGUARD supports and adheres to the GDPR principles of protecting thefundamental right of privacy for European residents.
Who does the GDPR apply to?
The GDPR applies to all entities and individuals based in the EU and to entities and individuals, whether or not based in the EU, that process the personal data of EU individuals. The GDPR defines personal data as any information relating to an identified or identifiable natural person. This is a broad definition, and includes data that is obviously personal (such as an individual’s name or contact details) as well as data that can be used to identify an individual indirectly (such as an individual’s IP address – when it can be related to a person).
What is ClickGUARD customers’ role under GDPR?
ClickGUARD customers are data controllers under the GDPR.
What is ClickGUARD's role under GDPR?
ClickGUARD acts as a data processor under the GDPR. In a nutshell, ClickGUARD’s customers control the data and ClickGUARD processes it on their behalf.
What personal data does ClickGUARD collect from its customers?
ClickGUARD stores data that customers have given voluntarily. For example, ClickGUARD may collect and store contact information, such as name, email address, phone number, or physical address, when customers sign up for click fraud protection services or seek support help. ClickGUARD may also collect other identifying information from its customers, such as IP addresses.
What other personal data does ClickGUARD collect?
As a data processor, ClickGUARD collects and stores:
(1) Data on persons and bots that click on advertisements served by AdWords onbehalf of
- ClickGUARD’s customers:
- Operating System and OS version
- Browserand Browser version
- IP address and GEO-location information based onthe recorded IP address
(2) Data on persons and bots that visit ClickGUARD’s customers’ website(s):
- IP address
- Operating System and OS version
- Browser and Browser version
- Time spent on site
- Interaction with website
- Browserfingerprint (anonymized / hashed)
What is ClickGUARD Data Processing Agreement (DPA)?
Customers that handle EU personal data are required to comply with the privacy and security requirements under the GDPR. As part of this, they must ensure that the vendors they use to process the EU personal data also have privacy and security protections in place. ClickGUARD Data Processing Agreement outlines the privacy and security protections in place at ClickGUARD.
Are customers required to sign / accept ClickGUARD DPA?
In order to use ClickGUARD services, customers need to accept the DPA, which is provided with a link on our website: Data Processing Agreement. By agreeing to ClickGUARD’s Terms of Service, customers are automatically accepting the DPA and do not need to sign a separate document.
Can customers share the ClickGUARD DPA with their customers?
Yes. DPA is a publicly available document and customers who wish to share it with their customers to confirm ClickGUARD security measures and other relevant terms may freely do so.
Does ClickGUARD store data outside EU?
The GDPR replicates the Data Protection Directive restrictions on transferring data outside the EU and prohibits the export of personal data outside of the EU to non-EU recipients unless the export meets certain criteria. ClickGUARD is headquartered in the United States and processes and stores data in US data centers. ClickGUARD provides a level of protection of privacy that complies with the EU rules. ClickGUARD uses the Standard Contractual Clauses (part of the Data Processing Agreement) for the transfer of personal data to third countries.
How does ClickGUARD handle delete instructions from customers?
Customers have the ability to remove or delete personal information they have shared with ClickGUARD by making an explicit request. Likewise, customers may deactivate their account and request that all personal data ClickGUARD has collected and stored is deleted.
How can a customer view and download content from ClickGUARD services?
Customers can export their ClickGUARD data in CSV file format within the ClickGUARD application dashboard. Additionally, the data can be provided per written request.