THIS IS AN AGREEMENT BETWEEN YOU OR THE ENTITY THAT YOU REPRESENT (hereinafter “You” or “Your”) AND RSoft Technologies GOVERNING YOUR USE OF RSoft CRM OF ONLINE BUSINESS PRODUCTIVITY AND COLLABORATION SOFTWARE.

What is GDPR?

GDPR is a European privacy law enacted on May 25th, 2018. It has four basic requirements.

Transparency

Whenever you ask for someone’s personal information, you must disclose how the information will be used.

Legitimate reason for using personal information

The best reason to use someone's personal data is with their explicit consent. While there may be other valid reasons, such as legitimate interests, demonstrating that these reasons are truly justified can be more challenging without consent.

New rights afforded to data subjects

Individuals have the right to know what personal data you hold about them, request a copy of it, withdraw their consent for its use, or ask for its deletion.

Protection of personal data

Personal data must be safeguarded at all times. Encrypting sensitive information about individuals is highly recommended whenever feasible. Sharing this data with third parties is strictly prohibited without explicit consent.

Non-compliance with GDPR can lead to penalties of up to $20 million or 4% of annual global revenue.

Why was GDPR enacted?

In the decades since the internet became commercialized, technology has revolutionized how we live and work. We turn to Google for personal questions, read news on platforms like Fox or CNN, send private messages via Facebook, and purchase personal items on Amazon—actions that reveal much about who we are. All this data is collected, analyzed, and sometimes traded, often leaving consumers with limited control over how their information is used.

Increasingly frequently, that data is being lost or misused. The Equifax data breach demonstrates that even the largest companies holding the most sensitive data can lack the basic safeguards necessary to protect us. Meanwhile, social networks and search engines mine and monetize us through our data in ways we don’t know. These are real and growing problems that GDPR aims to address.

Which businesses are bound by GDPR?

GDPR applies to you if you meet any of the following conditions:

• You have customers in the EU
• You provide services to (paid or free) to EU citizens
• You market to EU citizens
• You monitor the activities of EU citizens

If your business operates outside the EU and serves only local customers, GDPR compliance is generally not a concern. For example, a flower shop in rural Ohio is unlikely to be subject to GDPR, even if an EU visitor happens to access its website and is logged by analytics software.

Your company’s size doesn’t determine the need to comply with GDPR—what matters is whether EU residents are part of your target market. This means even a small SEO business serving international clients must adhere to GDPR regulations.

Personal Information and Privacy

The personal information you provide to RSoft through the Service is governed by the RSoft Privacy Policy, and your use of the Service signifies your acceptance of its terms. You are responsible for maintaining the confidentiality of your username, password, and other sensitive details. Any activities conducted through your account are your responsibility, and you must inform us immediately of unauthorized access by emailing sales@rsoft.in or contacting us via the numbers listed on [our contact page](http://www.rsoft.in/contact.php). Please note, RSoft is not liable for any loss or damage to you or a third party resulting from unauthorized access or misuse of your account.

Changes RSoft has made to comply with GDPR

Our practices, policies, and products fully adhere with GDPR.

• You will only receive communications that you have explicitly agreed to, and you can opt out of these at any time, ensuring full control over the messages you receive.
• Our privacy policy and terms of service are straightforward, thorough, and transparent, detailing the data we collect, its usage, and your rights to manage it. You can grant or withdraw consent to these policies at any point.
• You can request a Data Processing Agreement (DPA) that outlines how we handle your data by emailing us at legal@rsoft.in, or you can find it on our billing page.
• We only share data with third parties when you have given direct consent, or if you agree to terms or policies that involve those third parties. All third-party data processors we work with comply with GDPR. We will never sell your data to third parties or use it for advertising.
• To our knowledge, our users' data has never been compromised. We ensure your data's protection by only storing data we have consent to store, unless it's necessary for service delivery or we have a legitimate interest.
• We encrypt sensitive personal data when required to safeguard your privacy, without compromising the intended purpose.
• You have the right to request access to, correction of, or deletion of your data, stop us from processing it, or request a copy by emailing legal@rsoft.in.
• We have appointed a Data Protection Officer, whom you can contact by emailing compliance@rsoft.in.
• We are also in the process of establishing GDPR-compliant data processing agreements with our vendors.

RSoft CRM features that help you comply with GDPR

• Implement disk-level encryption for persistent data protection
• Automate the process of requesting, collecting, and managing consents from leads and contacts
• Encrypt lead and contact data while at rest
• Track and audit user access to, and modifications of, encrypted data
• Use double opt-in methods for email marketing to ensure consent

Please note: some of the above features require a specific tier of RSoft, or subscription to RSoft’s Privacy Shield

Start your journey to complying with GDPR

When using RSoft CRM, you can trust that your data is secure, and you have the tools needed to ensure GDPR compliance. However, it's important to use these tools correctly. We recommend familiarizing yourself with GDPR and updating your policies, practices, and procedures to meet its requirements.