FAQ about MemberSpace's privacy and GDPR compliance

What is GDPR?

Here is the EU's official website: https://www.eugdpr.org. But here is a helpful article which explains each part of the regulation in plain english that a non-lawyer can understand :)

Basically the GDPR law is a replacement for the 1995 Data Protection Directive. GDPR will significantly strengthen a number of rights for individuals (e.g. demand companies reveal or delete their personal data). The penalty for non compliance is a maximum fine is €20m or 4% of the company's global turnover (whichever is higher).

Who does this affect?

Any business which processes personally identifiable information (PII) of data subjects inside the European Union. PII is information that can be used to identify, contact, or locate a single person, or to identify an individual in context (reference) such as their email address or full name.

What has MemberSpace done to comply with GDPR?

Here are some of the steps we've taken:

Our Terms & Conditions and Privacy Policy have been rewritten with GDPR in mind. We also have a signed Data Processing Agreement you may countersign if you wish.
You can request updates or deletion of you or your customer's data (DSR) whenever you want here.
We have a publicly available list of 3rd party subprocessors we share data with.
We have a help doc explaining how to add new member to your email list in a GDPR-compliant way so you can get explicit consent from them.
We have added a Privacy & Compliance section to our help center. Here we detail the tools we provide you to help facilitate your own compliance.
All of our employees and contractors have signed an NDA to keep you and your member's data private and secure.
We are compliant with Privacy Shield.

What is SCA?

Strong Customer Authentication (SCA) is a European regulation requirement to help reduce fraud and increase online payment security. SCA should only affect those of you who have customers in the EU along with your business bank account (connected to Stripe) based in the EU.

What has MemberSpace done to comply with SCA?

We have implemented the 3D Secure 2 authentication method via Stripe along with various exemption handling. For your customers it provides a another step to authenticate an online transaction. Here are more details from Stripe about the various changes to their API that we help you comply with.

What is CCPA?

California Consumer Privacy Act (CCPA) is state statute intended to enhance privacy rights and consumer protection for residents of California, USA.

What has MemberSpace done to comply with CCPA?

We have updated our Privacy Policy and (signed) our Data Processing Agreement with CCPA in mind. You may countersign if you wish.

I have questions, who do I contact?

If you have any questions about our security, GDPR, CCPA, or SCA compliance please get in touch via email at [email protected] or contact our support team.