GDPR - What you need to do?

Introduction 

The General Data Protection Regulation (GDPR) was introduced by European Union in 2018, and it affects both European and non-European businesses if they are targeting guests / users in the European economic area 

Since 2014 IPERA has been adapting privacy rules since we have launched the IPERA Starling platform. All the features and options in the Splash Pages are compliant with the privacy regulations that many countries has in place

Here are a few steps that IPERA partners and customers need to do when enabling Starling Guest Experience & Engagement platform 

1. Collect Communication Consent

The main legal basis for collecting and processing your users’ personal data is consent. IPERA products include many features and capabilities that allow us to serve our customers needs to comply with GDPR regulations. It is our customer's responsibility to make sure they configure the IPERA Starling platform in compliance with GDPR and IPERA consultants will be happy to help in case needed

The Privacy Policy has to be accepted explicitly. Acceptance check-boxes cannot be pre-checked. Log in to your account and check the settings of the tenant or location 

1. Make sure you selected the option to get an explicit acceptance of the Terms of Use and Privacy Policies.
2. If you are collecting the data for promotional communications, make sure to enable marketing consent on the splash page

2. Update your Privacy Policy

We provide a solution for our customers to operate their own service. In this scenario, IPERA operates as a Data Processor, while our customer operates as a Data Controller. It is essential that our terms and our customer’s terms reflect this. The guest / end-user of the WiFi hotspots must also be made aware of the role of IPERA and our customers. It is essential that you review your own privacy policy and make sure it reflects GDPR needs and benefits.

In the Login Profile, you can customize your Terms & Conditions with Privacy Policy text, in multiple languages. This can be set at Tenant settings level or Location settings level 

3. Allow Guests to Access Their Information

For each tenant, we have a link that can be shared with Guests upon their request.

The link can be accessed via Settings > Advanced Settings

Profile Access URL link should be shared with guests upon request 

Guests (end-users) have the option to login using their email address or mobile number. 

Guests (end-users) have the option to export their data in Excel or Delete their personal data. In this case, their email address and communication data will be removed permanently

** Please note that to access the end-users to their profile URL from outside the network, the URL should be a public DNS record.