Search help articles

BookSteam and GDPR

What is GDPR?

On May 25th 2018, new European privacy law (General Data Protection Regulation) goes into effect. The main goal of GDPR is to unify data protection laws throughout the European Union and to improve security of personal information for EU citizens.


To whom does the GDRP apply?

GDRP applies to any company (regardless of its location) that collects, stores or processes personal data of EU citizens. This includes companies that operate outside of the EU but have customers who are EU citizens.


Your responsibilities as a BookSteam customer

BookSteam acts as a data processor that processes personal data on behalf of the data controller. As the data controller, you are responsible for making sure that your use of BookSteam services complies with the GDRP regulations (learn more here).


BookSteam helps

BookSteam as a data processor, is taking proactive steps to assist you with GDPR compliance and to protect our customer’s personal data.

Secure data center: All of our customer data is stored in the
secure state-of-the art Microsoft Azure data center is the US East location. All data is backed up automatically daily.

Data encryption: All data is automatically encrypted-at-rest by Microsoft
Storage Service Encryption (SSE). SSE automatically encrypts your data before persisting it to the storage disk and decrypts the data before retrieval. All data written to Azure Storage is encrypted through 256-bit AES encryption, one of the strongest block ciphers available.

Privacy Terms: Privacy Terms have been
updated.

Your own policy: Add your own policy to the booking page,
see here how.

Right to be forgotten:
Deleting a client 

Notifications:
Manage client notifications

Staff access: Enable
Staff login access and security level with permissions