• 完美公益影像节(2017)获第十二届人民企业社会责任奖年度案例奖 2019-04-23
  • 来自报告里的大白话,让你百听不厌 2019-04-23
  • 西安幼升小入学难问题出在哪儿教育部门将统筹协调安排 2019-04-19
  • 国医泰斗王凤岐:医源于酒 但须少喝“一点”杜康 一个 2019-04-19
  • 甜点大危机!吃糖导致皮肤老化,了解一下? 2019-04-15
  • 坚守岗位守护绿城美丽与整洁 2019-04-15
  • 质疑的能力都没有,还有批判的余地吗》?看着就想笑 2019-04-11
  • 四川省宜宾五粮液集团有限公司获第十二届人民企业社会责任奖年度扶贫奖 2019-03-25
  • 特兰加雄狮16年后二征世界杯 黑马基因再爆发? 2019-03-11
  • 蕅益大师:学道要想成就 必须要学这两件事 2019-03-11
  • “习近平社会治理法治思想”的核心要义及其时代价值 2019-02-28
  • 竞争的失败者永远存在,只是生活程度不同而以。 2019-02-28
  • 生态环境部:京津冀201家企业存在环境问题 2019-02-27
  • 不仅是肌肉、技术比拼,更是精神PK,所以是文明人的战争。 2019-02-24
  • 2017年度高耗能行业能效“领跑者”遴选工作启动会在京召开 2019-02-13
  • Plurk's GDPR

    GDPR

    Last revised on May 14, 2018, effective as of May 24, 2018

    What is the GDPR?

    The General Data Protection Regulation (GDPR), is a European privacy law that will go into effect on May 25th 2018. It is based upon the European understanding that privacy is a fundamental human right. Established by the EU Parliament, the GDPR regulates how individuals and organizations can obtain, use, store, and remove personal data. It gives EU citizens and residents control over their personal data, and simplifies the regulatory environment for international business that takes place in the EU. If you’re curious, you can read the full text of the law here.

    What is personal data?

    The GDPR defines personal data as any information that can be used to directly or indirectly identify a person, such as a name, photograph, email address, or even an IP address.

    What are the requirements of the GDPR?

    The Data Protection Principles include the following requirements:

    • Personal data must be processed in a fair, legal, and transparent way. It should only be used in a way that a person would reasonably expect.
    • Personal data should only be collected to fulfill a specific purpose, and it should only be used for that purpose. Organizations must specify why they need the personal data when they collect it.
    • Personal data should be held no longer than necessary to fulfill its purpose.
    • People covered by the GDPR have the right to access their own personal data. They can also request a copy of their data, and request that their data be updated, deleted, restricted, or transported to another organization.

    Why is it important?

    GDPR adds new requirements regarding how companies should protect the personal data they collect and process. It also raises the stakes for compliance by increasing enforcement and imposing greater fines for breach. Beyond these facts, it’s simply the right thing to do. At Plurk we respect your data privacy and we have solid security and privacy practices in place that go beyond the requirements of this new regulation.

    Plurk’s commitment to GDPR Compliance and data privacy

    Here is an overview how Plurk has prepared to meet the new regulation requirements.

    Data Processing Addendum

    To guarantee no terms are imposed on us beyond what is reflected in our DPA and Terms of Service, we cannot agree to sign individual customers’ DPAs. We are a small team and are unable to make individual changes to our DPA. Any changes to the standard DPA would require legal counsel and considerable back and forth discussion, which would be cost-prohibitive for our small team.

    If you have any questions or concerns, please let us know.

    Training and awareness

    We formed a core team of leaders from each area of Plurk’s business. The representatives in this group ensure that Plurk covers the requirements of GDPR, across all teams, from Engineering to Customer Success. Plurk requires that all employees learn about and follow GDPR regulations, and ensures that all employees participate in the necessary training.

    Consent

    We've updated our cookie policy to provide you with transparency into the cookies that are set when you visit our site, and how each cookie is used.

    Data inventory

    We reviewed and identified all the areas of Plurk where we collect and process customer data. We validated our legal basis for collecting and processing personal data, and we ensured that we apply the appropriate security and privacy safeguards across our infrastructure and software ecosystem. Our Privacy Policy identifies what we do with the data we collect and how we manage consent.

    Updates to our third party vendor contracts

    We reviewed the 3rd party vendors that we use to provide our products and services, and we performed a comprehensive review of their GDPR compliance. We already have DPAs in place with the vendors who offer a signed version, while others have a DPA that is automatically accepted as part of the Terms of Service on May 25th.

    Clear and concise terms of service and privacy policy

    Transparency is important to us at Plurk — both internally and with our customers. We are in the process of updating our Terms of Service and Privacy Policy to describe how we respect and protect your personal data. These documents will clearly describe the types of personal data we collect and process, why we collect the data, how we use it, who we share it with, and how long we store it.

    Individual Data Subject’s Rights - Data Access, Portability and Deletion

    We are committed to helping our customers meet the data subject rights requirements of GDPR. Plurk processes or stores all personal data with fully vetted vendors with whom we have a DPA in place. We store personal data for up to 3 years unless your account is deleted. In which case, we dispose of all data in accordance with our Terms of Service and Privacy Policy.

    Risk Assessment (data protection impact assessments)

    One of the GDPR requirements is a managed data protection impact assessment (DPIA) process. A DPIA process is a way to help us identify and minimize the data protection risks of a project. The Plurk engineering team has always undergone security and privacy due diligence when choosing tools and making implementation decisions, so this requirement is easy for us. Any time we introduce a change to the way we handle personal data, we discuss the potential impact on Plurk customers and explore possible privacy and security risks to personal data. If any risk is identified, no matter how small, our product and engineering teams collaborate on a solution to mitigate the data privacy and security risk to anyone who interacts with the Plurk platform. We will continue to execute this risk assessment process as we expand Plurk’s offerings.

    Breach Management

    We updated our existing breach management and communication plan to comply with the GDPR regulations concerning the escalation process and requirements for data subject notification.

    We are here for you

    We are working with our customers to answer any questions and address any concerns regarding how we protect their personal data. If you have any questions, please don’t hesitate to reach out.

  • 完美公益影像节(2017)获第十二届人民企业社会责任奖年度案例奖 2019-04-23
  • 来自报告里的大白话,让你百听不厌 2019-04-23
  • 西安幼升小入学难问题出在哪儿教育部门将统筹协调安排 2019-04-19
  • 国医泰斗王凤岐:医源于酒 但须少喝“一点”杜康 一个 2019-04-19
  • 甜点大危机!吃糖导致皮肤老化,了解一下? 2019-04-15
  • 坚守岗位守护绿城美丽与整洁 2019-04-15
  • 质疑的能力都没有,还有批判的余地吗》?看着就想笑 2019-04-11
  • 四川省宜宾五粮液集团有限公司获第十二届人民企业社会责任奖年度扶贫奖 2019-03-25
  • 特兰加雄狮16年后二征世界杯 黑马基因再爆发? 2019-03-11
  • 蕅益大师:学道要想成就 必须要学这两件事 2019-03-11
  • “习近平社会治理法治思想”的核心要义及其时代价值 2019-02-28
  • 竞争的失败者永远存在,只是生活程度不同而以。 2019-02-28
  • 生态环境部:京津冀201家企业存在环境问题 2019-02-27
  • 不仅是肌肉、技术比拼,更是精神PK,所以是文明人的战争。 2019-02-24
  • 2017年度高耗能行业能效“领跑者”遴选工作启动会在京召开 2019-02-13