What is the GDPR?

The General Data Protection Regulation, or GDPR, is a new European Union law set to take effect May 25, 2018. The GDPR gives persons in the EU greater control over their online data and adds new requirements for businesses that handle that data.

 

Does AppointmentCore comply with the GDPR?

Yes, AppointmentCore has taken a number of steps to ensure we are able to comply with the GDPR regulations. We have updated our Terms and Conditions and Privacy Policy, created a Data Processing Addendum (DPA), and made changes to how we store and process data. As interpretation of the GDPR regulations continues to evolve, we will continue implementing new practices and tools as needed to ensure continued compliance.

 

Does AppointmentCore allow clients to comply with the GDPR?

Yes, AppointmentCore has developed some new tools to allow customers to comply with the GDPR. For example, AppointmentCore has developed a new GDPR Compliance feature that enables customers to collect explicit consent as required under the GDPR. This feature also allows customers to display their own Terms and Conditions or Privacy Policies. AppointmentCore also provides users with the tools necessary to delete client data upon request, or to provide customers with copies of their data, or to comply with a client’s data portability request. AppointmentCore clients can query all appointment data relating to a particular appointment using the Manage Appointments tab of their Account Settings and Extensions. Client data deletion requests can be made by emailing privacy@appointmentcore.com and including in the request the names of all persons whose data should be deleted.

However, the determination of whether you’re impacted by the GDPR and what steps you must take to comply are ultimately up to you. This includes how you configure and use your AppointmentCore account, the data you choose to collect from your customers, and other issues. Your company is ultimately responsible for upholding your obligations under the GDPR and AppointmentCore is not responsible for your lack of compliance or misuse of the software. More information on the GDPR can be found at www.EUGDPR.org.

 

How can my organization use AppointmentCore in a GDPR-compliant manner?

AppointmentCore customers who are subject to the GDPR will need to make some changes to the way they use our system. Step-by-step instructions about how to use AppointmentCore in a compliant manner can be found here. AppointmentCore users are also responsible for upholding their obligations under our Terms of Service and Data Processing Addendum (DPA).