The information given by EZReachOut relating to the GDPR (General Data Protection Regulation) is for information purposes only. It is not designed to be an exhaustive guide to the requirements of the GDPR. It is users responsibility to ensure that you comply with the provisions of the GDPR and related legislation. Each company’s responsibilities relating to the GDPR will vary depending on individual circumstances; accordingly we will not be liable to you for your reliance on information provided in relation to the GDPR.
You warrant, represent, and undertake to us that Personal Data shall comply with the GDPR in all respects including, but not limited to, its collection, holding, and processing.
You shall be liable for, and shall indemnify (and keep indemnified) us in respect of any and all action, proceeding, liability, cost, claim, loss, expense (including reasonable legal fees and payments on a solicitor and client basis), or demand suffered or incurred by, awarded against, or agreed to be paid by, us and any of our Sub-Processors arising directly or in connection with:
Data is stored securely in Amazon data centers throughout the world. Data will be held in the data centre nearest to the location USA or Europe. Data is encrypted at rest and is also encrypted in transit with all communications over HTTPS. No data leaves the production environment and only qualified personnel have access to the Amazon data centers. And no data on our internal server is transferred without the EEA.
In terms of security, access to security logs are strictly controlled within our development team, we follow advice from Amazon as to when security patches should be applied, and we use Cloud Front to monitor for un-authorized intrusion attempts and report to Federal government agencies. Our authorized support and sales executives have access to your data, a smaller set of EZReachOut team have administrator access to our network and server infrastructure. Data is backed up every day using auto back system.. Data-retention policies will be put in place as part of the GDPR work that is currently underway. All access to EZReachOut dashboard and features is controlled by username and password. Each user can set its own level of password complexity, as required. Data can be deleted upon request by us, should give a written email from registered email account and allow upto 72 hours to take action.
In the event of a data breach, the point of contact from EZReachOut is our Chief Technology Officer, who is also our Data Protection Officer and will invoke the data control procedure with our customer support team as required. Then we will report the breach to the relevant supervisory authority within 72 hours of the organization becoming aware of it. We will notify affected venues within 48 hours of becoming aware of the breach. It is responsibility of users to add eMail address of subscribed individual to EZReachOut for eMail marketing purpose, we do not entertain SPAMERS or users who would send illegal emails using our platform, EZReachOut retains right to block any user from using our platform.
Please note that consent given does not last forever. All user and personal information will be retained for the purposes of bulk eMail marketing & Phone call management data analytics, once the user master account is closed all data including sub-users will be retained upto 90 days. This means we will delete EZReachOut Master account and sub-account database which we cannot retrieve later.