Transparency and Accountability
Purpose of the GDPR Obligation | Ensure transparent communication with data subjects regarding the processing of their personal data. Ensure data subjects are notified of their rights under the GDPR. |
---|---|
Features/Functionality to Work Toward Compliance with the GDPR Obligations That Affect You | Gorgias' Terms of Service Agreement, Privacy Policy, and supporting policies provide a transparent notice to inform its customers. In addition, Gorgias offers legal mechanisms for cross-border transfers of personal data from the EU. |
Exceptions to the GDPR Obligation | A data controller is exempt from these obligations if it cannot identify which personal data in its possession relates to the relevant data subject (i.e., if personal data is anonymized and cannot be re-identified). |
Access and Rectification
Purpose of the GDPR Obligation | Allow data subjects to require a data controller to rectify any errors in their personal data. |
---|---|
Features/Functionality to Work Toward Compliance with the GDPR Obligations That Affect You | Agents have access to their profiles to amend inaccuracies. |
Exceptions to the GDPR Obligation | Provision of this right to a data subject should not adversely affect an organization’s intellectual property (i.e., giving access to a data subject should not require disclosure of trade secrets). |
Right to be Forgotten
Purpose of the GDPR Obligation | Provide data subjects with the right to delete their personal data if the continued processing is not justified. For example, you may need to delete your customer’s personal data to comply with your GDPR obligations. |
---|---|
Features/Functionality to Work Toward Compliance with the GDPR Obligations That Affect You | Detailed description in our Data lifecycle page |
Exceptions to the GDPR Obligation |
A company is not required to delete data, except when one of the following reasons is
present:
|
Restriction Processing
Purpose of the GDPR Obligation | Provide data subjects the right to limit the purposes for which the data controller can process personal data. For example, your customer has filed a complaint or lawsuit against you, and it is your policy to stop processing while the complaint or lawsuit is pending. |
---|---|
Features/Functionality to Work Toward Compliance with the GDPR Obligations That Affect You | This functionality is not yet implemented in Gorgias, but will be by the 25th May deadline. |
Exceptions to the GDPR Obligation |
The requirement to restrict processing generally applies under the same circumstances as
the right to be forgotten and/or when the following circumstances exist:
|
Data Portability
Purpose of the GDPR Obligation | Provide data subjects with the right to transfer their personal data between data controllers. For example, your customer requests for you to export and provide them with all associated personal data that you store. |
---|---|
Features/Functionality to Work Toward Compliance with the GDPR Obligations That Affect You | Gorgias Helpdesk has an industry standard REST API documented here that can be used to export all the data from Gorgias. Gorgias Templates for Chrome has an export to CSV functionality that can export your data. Member data can be exported via our REST API. |
Exceptions to the GDPR Obligation | Inferred and derived personal data (e.g., a credit score or health assessment) are not included because they are not “provided by the data subject.” Data controllers are not obligated to retain personal data simply for the purposes of providing a copy of the personal data pursuant to a potential data subject request. |
Objection to Processing
Purpose of the GDPR Obligation | Provide data subjects with the right to transfer their personal data between controllers. |
---|---|
Features/Functionality to Work Toward Compliance with the GDPR Obligations That Affect You | Gorgias has documented and implemented internal mechanisms to:
|
Exceptions to the GDPR Obligation |
Data controller must cease processing upon request unless:
|
Feedback
If there are any questions regarding this page, please contact us: support@gorgias.io