{"_id":"5ab4112879ecb0001269d792","project":"55de06fa57f7b20d0097636b","version":{"_id":"55de06fa57f7b20d0097636e","project":"55de06fa57f7b20d0097636b","__v":14,"createdAt":"2015-08-26T18:35:38.642Z","releaseDate":"2015-08-26T18:35:38.642Z","categories":["55de06fb57f7b20d0097636f","55f1962e3936d52d00fb3c8f","55f1970339e3e8190068b2b8","55f1970d229b772300779a1f","55f1971cfd98c42300acc605","55f1d5c7fd98c42300acc69f","563cbfe4260dde0d00c5e9d4","5644cf437f1fff210078e690","57dc1bbd3ed3450e00dc9ea7","58a600a2243dd30f00fd8773","58ed1bdc068f780f00f64602","58f13b3a4f0ee50f00e24e81","58f173f792f9020f009cad16","591b42f8e633fd0f00077c5a"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"category":{"_id":"55de06fb57f7b20d0097636f","__v":2,"pages":["55de06fc57f7b20d00976371","55f1961b5fe76419007dc720"],"project":"55de06fa57f7b20d0097636b","version":"55de06fa57f7b20d0097636e","sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-08-26T18:35:39.331Z","from_sync":false,"order":0,"slug":"documentation","title":"Documentation"},"user":"55de06e19db51a0d0064947d","githubsync":"","__v":0,"updates":[],"next":{"pages":[],"description":""},"createdAt":"2018-03-22T20:25:12.622Z","link_external":false,"link_url":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":999,"body":"[block:api-header]\n{\n  \"title\": \"Introduction\"\n}\n[/block]\nThe General Data Protection Regulation (GDPR) takes effect May 25, 2018, and is designed to give consumers in the European Union more control and transparency over their personal data. Moreover, the GDPR defines personal data broadly so as to include pseudonymous digital identifiers such as cookie ID’s, IP addresses and mobile advertising IDs.  As part of PushSpring's commitment to compliance, we are implementing some important changes to our approach to data collection in the EU.\n[block:api-header]\n{\n  \"title\": \"How does PushSpring comply with GDPR?\"\n}\n[/block]\nWhile PushSpring does not have a physical presence in the EU (i.e., an office), non-EU established companies are still subject to the GDPR where they process personal data about EU data subjects in connection with “monitoring” the behavior of EU data subjects. In other words, processing personal data of EU data subjects for “tracking” purposes would subject PushSpring to the GDPR. \n\nIn response, PushSpring has implemented a variety of mechanisms that will effectively stop any collection of EU-based device data going forward.  In particular, when any of our data collection technology is used on a device, our systems are able to detect whether or not the device is located in the EU.  For EU-based devices, our data center immediately deletes that data prior to processing.  As a result, the PushSpring platform will not process the data of EU data subjects and will not be subject to GDPR requirements.\n\nSeparately, we have deleted any EU-based device information received prior to March 15, 2018 from our systems.  By removing any existing data as well as no longer collecting data going forward, PushSpring maintains GDPR compliance in a way which is transparent to our partners and customers.\n[block:api-header]\n{\n  \"title\": \"What does this mean for my app?\"\n}\n[/block]\nFor non-GDPR countries, we continue to collect data via our existing data handling processes and methods.  PushSpring continually reviews its data handling procedures for privacy compliance. Any SDKs or other code you have already deployed from PushSpring are now compliant with the upcoming GDPR regulation. We encourage you to communicate with other vendors and partners you are working with to ensure their own compliance with this important new regulation.\n\nFinally, while the PushSpring platform won’t be processing the personal data of EU data subjects, our systems will collect personal data from EU data subjects in the context of enabling login access to the PushSpring reporting interface. The legal basis for this processing will be contractual necessity and PushSpring will be utilizing data processing agreements and other tools to ensure that we are in compliance with the GDPR with respect to client personal data as well.","excerpt":"","slug":"pushspring-and-gdpr","type":"basic","title":"PushSpring and GDPR"}

PushSpring and GDPR


[block:api-header] { "title": "Introduction" } [/block] The General Data Protection Regulation (GDPR) takes effect May 25, 2018, and is designed to give consumers in the European Union more control and transparency over their personal data. Moreover, the GDPR defines personal data broadly so as to include pseudonymous digital identifiers such as cookie ID’s, IP addresses and mobile advertising IDs. As part of PushSpring's commitment to compliance, we are implementing some important changes to our approach to data collection in the EU. [block:api-header] { "title": "How does PushSpring comply with GDPR?" } [/block] While PushSpring does not have a physical presence in the EU (i.e., an office), non-EU established companies are still subject to the GDPR where they process personal data about EU data subjects in connection with “monitoring” the behavior of EU data subjects. In other words, processing personal data of EU data subjects for “tracking” purposes would subject PushSpring to the GDPR. In response, PushSpring has implemented a variety of mechanisms that will effectively stop any collection of EU-based device data going forward. In particular, when any of our data collection technology is used on a device, our systems are able to detect whether or not the device is located in the EU. For EU-based devices, our data center immediately deletes that data prior to processing. As a result, the PushSpring platform will not process the data of EU data subjects and will not be subject to GDPR requirements. Separately, we have deleted any EU-based device information received prior to March 15, 2018 from our systems. By removing any existing data as well as no longer collecting data going forward, PushSpring maintains GDPR compliance in a way which is transparent to our partners and customers. [block:api-header] { "title": "What does this mean for my app?" } [/block] For non-GDPR countries, we continue to collect data via our existing data handling processes and methods. PushSpring continually reviews its data handling procedures for privacy compliance. Any SDKs or other code you have already deployed from PushSpring are now compliant with the upcoming GDPR regulation. We encourage you to communicate with other vendors and partners you are working with to ensure their own compliance with this important new regulation. Finally, while the PushSpring platform won’t be processing the personal data of EU data subjects, our systems will collect personal data from EU data subjects in the context of enabling login access to the PushSpring reporting interface. The legal basis for this processing will be contractual necessity and PushSpring will be utilizing data processing agreements and other tools to ensure that we are in compliance with the GDPR with respect to client personal data as well.