This page has been created to provide information on Grawt's compliance with the General Data Protection Regulations (GDPR) of the European Union. Its primary purpose is to offer companies and organizations that use our product more information about our adherence to GDPR regulations.
Objective
As we collect and process the personal data of EU residents through our product, we are required to comply with GDPR guidelines. To provide excellent services to our customers, we have adopted best practices to ensure the privacy and protection of all personal data we collect and process.
What is GDPR?
The GDPR is mandatory legislation that was introduced in 2018 to ensure the security and protection of personal data provided by EU residents and collected by businesses, individuals, or organizations worldwide.
Responsibilities as a Data Processor and Controller
Grawt provides a product that helps companies and organizations collect and analyze feedback from their customers, some of whom are EU residents. We act as a data processor for our customers, who are data controllers for their end-users, collecting, storing, and retrieving data on their behalf and at their request.
We act as both a data controller and processor since we collect, store, and retrieve data to improve our product. When end-users sign up to participate in a Grawt board, we act as their data controller and processor.
What Data Do We Collect?
The personal data we collect may include cookies, usage data, email address, first name, company name, website, last name, and username. Our privacy policy provides details on each type of personal data collected and applicable provisions.
Third Parties Services
We use third-party services to collect, retrieve, and process personal data and ensure GDPR requirements are met when using these tools.
Consent Collection
When acting as a data processors for our customers, they must collect consent and make clear that personal data is being collected for use on Grawt. However, when acting in our role as a data controller, we ensure that consent is collected from the data subject to store and use data on our platform.
Data Processing Agreement (DPA)
We have created a
Data Processing Agreement (DPA) to protect the transfer of personal data outside of the European Economic Area (EEA).
Data Breaches
If any data breaches occur, we will notify our customers upon discovery and work with them to inform data subjects.
Contact and Support
If you have any questions about GDPR requirements and their impact on your use of Grawt, please contact us at
support@grawt.com.
