GDPR


GDPR

Waitwhile wholeheartedly support the privacy rights of our customers and our users and have fully implemented the required steps for GDPR compliance. Those include:

  • Review of the data we collect, as well as the reasons for why we collect it

  • Updated processes for getting consent from users

  • Updated processes for deletion and exporting of personal information

  • Updated our Privacy Policy, as well as our Terms of Use to reflect our compliance with GDPR.

  • Appointing a Data Protection Officer and EU representative.

  • Minimization of data retention and de-personalization of data where possible and/or required.

  • Coordination with our vendors to make sure everyone is ready for GDPR.

Waitwhile's Role in GDPR Compliance

Waitwhile is acting both as a Data Controller and as a Data Processor within the realm of GDPR compliance:

  • As a Data Controller, Waitwhile is responsible for safeguarding the data of our customers as they interact directly with our services.

  • As a Data Processor, Waitwhile is responsible for safeguarding the data of our partners' and customers' users as it flows through our system.

Customer's and Partner's Role in GDPR Compliance

As a Waitwhile customer or partner, you are a Data Controller and Waitwhile is acting as your Data Processor for your users. In this respect, you’ll want to take the following steps to comply with GDPR:

  • Ensure your Terms of Use and/or Privacy Policy are up to date.

  • If you have customers in the EU or need to be GDPR compliant, your agreement to our Terms of Use will be sufficient as it contains relevant Agreement.

  • If you have customers in the EU or need to be GDPR compliant, you may additionally request to sign our Data Processor Agreement. This is valid for both customers and partners. See below about our DPA.

  • Perform your own research, modeling, vendor audit, and strategy steps at your company to ensure you understand GDPR as it applies to your business.

  • Be thinking about how you’ll handle consent. You should not store or work with users' data without proper consent.

  • Watch for updates from Waitwhile related to product functionality or privacy and terms of use changes.

Data Processor Agreement

If you are using Waitwhile as a customer and have agreed to our Terms of Use, you do not need to sign an additional Data Processor Agreement. Our terms include a provision to ensure compliance with GDPR.

If you are a partner or a customer who needs further documentation of compliance with Waitwhile acting as a Processor (for example, as a customer who processes their own user's data through Waitwhile or as a partner who integrates directly with Waitwhile) you can sign our DPA by contacting us at hello@waitwhile.com.