GDPR Compliance and Data Privacy

Introduction

Best Marketer is committed to protecting the privacy of our users and their customers. We stay apprised of developments in data protection laws to ensure you can be confident in your safety while using our platform.

This page will explain the rules, how they apply to your use of the Best Marketer platform and the steps we have taken to comply.

You should review this document in conjunction with our Privacy Policy and contact a specialist legal professional if you require more information or advice.

General Data Protection Regulation (GDPR)

Regulation (EU) 2016/679, more commonly known as the General Data Protection Regulation (GDPR), is an EU regulation aimed at harmonising data protection and privacy laws across the EU. The provisions of the GDPR apply wherever the personal data of an EU data subject is involved.

The GDPR is focused on giving individuals more control over how their data is used by companies and making the collection and processing of data more transparent.

The GDPR was incorporated directly into UK law following the end of the Brexit transition period, meaning that UK businesses still have to comply with its provisions through the ‘UK GDPR’.

Basic GDPR concepts

Controller and processor

The GDPR imposes various obligations on a person depending on whether they are a controller or a processor of personal data.

A controller is an entity that decides to process personal data and makes decisions regarding the basis of processing and the methods used. Controllers have specific obligations relating to personal data, which you should familiarise yourself with before collecting personal data from your customers.

A processor is an entity which processes data for and on behalf of a controller. They make no independent decisions regarding the data or its processing, as they only process it on behalf of the controller and must comply with all instructions.

When you use the Best Marketer service, you are a controller. You control the data you upload to the Best Marketer system, what you do with that data, and why. As a result, you are responsible for ensuring that you have a legal basis on which to process the data and that you only retain the data for as long as necessary.

Ensure you understand your obligations as a controller and update your systems and policies to allow the lawful transfer of personal data to Best Marketer. 

Best Marketer is a data processor. Through the Best Marketer platform, we store and manage your collected data under your instructions. We will never use your data uploaded to the Best Marketer system for our purposes or without your instruction.

Legal basis for processing

Personal data may only be collected and processed if there is a legal basis. The allowable legal bases are set out in the GDPR.

As a processor, Best Marketer relies on our customers to select the correct basis for collecting and processing personal data and to put the appropriate notices and consents in place. 

Before you use the Best Marketer service, take time to identify which legal bases are available to you and only collect and retain personal data to the extent necessary under that basis.

You should only change the basis under which you have collected personal data for a good reason, so it is crucial to understand the requirements of the different bases and select the right one at the start.

Data subject access rights

The GDPR grants data subjects (i.e. your customers) certain rights relating to their data, including the right to access, correct and delete any data relating to them.

Best Marketer has put in place easy systems for you to inform us if you receive such a request from a data subject and for us to notify you if we receive such a request. We will ensure that, following your instructions, these requests are promptly complied with. 

You should familiarise yourself with the obligations imposed on you, including relating to any personal data you hold on your systems or services other than Best Marketer.

Transfers of data to the USA

Personal data may not be transferred outside the EEA other than under specific circumstances. We utilise the Standard Contractual Clauses as part of our Data Processing Agreement, which we sign with our customers.

Data Security

We have implemented robust security safeguards and measures to ensure our data is stored securely. We regularly test our products for bugs and vulnerabilities.

We have regular backup systems in place, along with data recovery and data integrity systems and processes, to minimise the risk of corruption or loss of personal data.

Steps we have taken to ensure GDPR compliance

We take our duties as a processor very seriously. We have put in place several procedures and taken many steps to ensure that we remain compliant with the GDPR and that you can lawfully send personal data collected by you to us, for example:

  • Our data processing agreement utilises the Standard Contractual Clauses to ensure you can lawfully send personal data to us in the USA.
  • We can detect personal data breaches and inform our customers immediately.
  • We can deal with subject access requests and rights of erasure requests and ensure that we inform you when a data subject has made such a request.
  • We have assessed and documented the personal data we process on your behalf.
  • We have assessed our security and upgraded this where necessary to ensure that it is appropriate for the level of risk we face concerning a data breach.