GDPR FAQ
We have prepared the following list of frequently asked questions to assist you with your GDPR activities. They may be useful if you find you are required to perform a Data Protection Impact Assessment (DPIA) or Privacy Impact Assessment (PIA).
Our answers relate to Capsule’s responsibility as Data Controller processing our customer's personal data (covered in full in our Privacy Policy and Customer Terms). We have also covered your responsibilities as Data Controller of your contact’s personal data (covered in full in our Data Processing Agreement and Customer Terms).
Contents
- Data collection and retention
- Technical and security measures
- Personnel
- Subject access rights
- Legal
- Risks
Data collection and retention
Questions | Capsule's responsibility as Data Controller | Your responsibility as Data Controller |
---|---|---|
What personal data is processed? | If you decide to register with and use capsulecrm.com (the “Service”) you will be asked to provide certain information about yourself including your name and contact details and for the payer their payment card information. By submitting your personal information, you consent to the collection, use and transfer of your information in accordance with the terms of our Privacy Policy. | Capsule doesn’t limit the information you can elect to store about your customers. You have the sole responsibility for the legality, reliability, integrity, accuracy and quality of your Customer Data. Please note: Capsule doesn’t allow you to store Sensitive Data (as defined by the EU Data Commission Office). |
How is that data collected and retained? | The data collected is stored directly in your Capsule account. You keep your contact details up to date within your account. Your payment details are stored by a payment gateway service provider. | Capsule offers the place where you store your customer data in a private account. The only access to this data is those you’ve given user access to. Any data collected and processed on your account has been added by these users or through integrated services, like email or websites. |
Is the data stored locally, on your servers, or both? | Data is stored on Capsule servers and on other services where these are used to provide the full service to you. For example, payment details are only stored by our payment gateway provider - Capsule doesn’t store or ever hold this information. Another example is when you write to us your email address, questions and answers are stored on Help Scout. We have contracts with these providers to ensure that your data is stored as if we were holding it on Capsule servers. | Data is stored on Capsule servers. If you have local servers for other services you use, no data held on Capsule is stored on them. You can export the data from your Capsule account and store it as a ‘local’ backup but you make these decisions. |
For how long is data stored, and when is the data deleted? | This is explained in our Privacy Policy. After you have closed your account we may retain Personal Data where reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, maintain security, prevent fraud and abuse, resolve disputes, enforce our Customer Terms, contact you for marketing purposes, or fulfil your request to “unsubscribe” from further messages from us. If none of these obligations apply we will delete Personal Data within 12 months of your account being closed. | It is your responsibility to define how long it is suitable to store personal data in Capsule. You should ensure personal data does not become outdated or redundant. Capsule has tools to assist in finding contacts and data that has not been accessed or used for a period of time. Data which needs to be deleted can then be done so as explained here. For help creating a list of contacts that have not been updated recently please email support@capsulecrm.com. |
Is the data collection and processing specified, explicit, and legitimate? | The collection of your data occurs when you sign up to a Capsule account. The only information collected is to allow us provide the service to you. | It is your responsibility to define the data you collect from your customers and that it is legitimate and explicit information only. |
What is the process for granting consent for the data processing, and is consent explicit and verifiable? | Capsule stores information you provide collecting the personal data we use to ensure we provide a full service to you. Capsule’s Privacy Policy explains what data we collect and store and how we use this data. | There are 6 different ways you can ensure legitimate processing of personal data. Explicit consent is one of those ways which you may have to employ for some or all of your customer’s personal data. This decision is yours to make about the data you process. Capsule offers tools to assist you if you do need to get explicit consent. |
If not based on consent, what is the legal basis for the data processing? | Legitimate Interest. | It is up to you as Data Controller to determine your lawful bases for processing data in Capsule if not based on consent. The ICO has this information on the valid lawful basis for processing data. |
Is the data minimized to what is explicitly required? | Yes. | This is your responsibility as Data Controller. |
Is the data accurate and kept up to date? | You are responsible for ensuring that all contact, email and name details used in connection with the Service are accurate and current during the term of this agreement. The Super Administrators control the day to day administration of the Customer account. | It is your responsibility as Data Controller to ensure the personal data you store in Capsule is accurate and up to date. Capsule has tools to assist in identifying records which have not been updated recently which you can then review. |
How are users informed about the data processing? | Users are informed about data processing via our Privacy Policy and Customer Terms. | It is your responsibility as Data Controller to make users aware that you are collecting and processing their personal data. |
What controls do users have over the data collection and retention? | It is within your control which users are added to your account. There is minimal identifying data collected and stored about each user, including name and email address. We retain this Personal Data for as long as we provide the Service to you or your account remains open. We may retain de-personalised information after your account has been closed. | All users who have access to your account are responsible for the data collected about your customers and how long this data is retained for. |
Technical and security measures
Questions | Capsule's responsibility as Data Controller | Your responsibility as Data Controller |
---|---|---|
Is the data encrypted? | Capsule supports the latest recommended secure cipher suites and protocols to encrypt data in transit. Customer data is encrypted at rest. We work hard to maintain best practices for encryption and disable support for older encryption standards that are no longer considered strong. This is one reason that we drop support for older browsers aggressively. Read more about our browser support policy. | |
Is the data anonymized or pseudonymized? | Yes, where we are using Capsule data to improve the service or understand how Capsule is being used, personal data will be pseudonymized. | |
Is the data backed up? | Our systems automatically replicate your data across multiple locations in real-time to maximize availability. Data is also constantly backed up to ensure we can restore access to your data and the service in the unlikely event that the data replicas in all locations fail at once. Our monitoring alerts us to any trouble and we have staff on-call at all times to quickly resolve unexpected incidents. | |
What are the technical and security measures at the host location? | Capsule and your data is hosted on Amazon Web Services (AWS), a global leader in Infrastructure as a Service (IaaS). Amazon take physical and network security seriously. Their data centres are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff, video surveillance, intrusion detection systems, and other electronic means. Access to their data centre floors requires two-factor authentication a minimum of two times. Amazon maintain multiple certifications for its data centers, including ISO 27001 compliance, PCI Certification, and SOC reports. Their reports can be found on the AWS Compliance website and you can read more about the specifics of their approach here. |
Personnel
Questions | Capsule's responsibility as Data Controller | Your responsibility as Data Controller |
---|---|---|
Who has access to the data? | The operation of Capsule services requires that some employees have access to the systems which store and process customer data. These employees are prohibited from using these permissions to view customer data unless it is necessary to do so. All Capsule employees and contract personnel are bound to our policies regarding customer data and we treat these issues as matters of the highest importance within our company. All staff employment contracts have full confidentiality clauses and all employees are required to read our comprehensive information security policy covering the security, availability, and confidentiality of Capsule services. | You choose who to invite to your Capsule account and the permissions they have. Our team do not have access to login to your account. On rare occasions, it may be that we can better assist in investigating a problem you are having with Capsule if we can access some part of your data in readable form. We would always ask your permission before taking this action and the process requires authorization and co-ordination across multiple personal and security layers internally. |
What security measures do those individuals work with? | Access to systems which store and process customer data is subject to role based need. Users have individual logins for such systems. Two factor authentication must be enabled where available. Technical controls and audit policies are in place to ensure customer data never leaves our systems. Customer data is never held on end user devices. Security and privacy awareness takes place during onboarding and on an ongoing basis. Employees are subject to regular audits to ensure adherence to our information security policy. | It is your responsibility to ensure users of your Capsule account adhere to security best practices, which includes but is not limited to; not sharing login information, using weak or reusing passwords and using shared or public hardware which may store passwords. As an additional security layer Capsule has the option for users to enable two factor authentication on their account. |
What data breach notification and alert procedures are in place? | For breaches our preferred approach is to limit the possibility of them happening in the first instance. We have robust internal processes to ensure prompt installation of security updates, protection of our assets including 2-factor authentication to sensitive systems, and also to limit access to data to key staff on a needs only basis. Additionally, no one in our company has the right to access your data without your permission. We also engage a 3rd party penetration testing organisation to validate our security and review our application code. In the event that a security breach was detected we would need to perform an investigation to try and understand the scope of the breach and if any data was affected. Depending on the nature of the breach we would make our best efforts to understand what has happened as quickly as possible. We would aim to inform you as soon as possible and not later than 72 hours if you have been affected by the breach. |
Subject access rights
Questions | Capsule's responsibility as Data Controller | Your responsibility as Data Controller |
---|---|---|
How does the data subject exercise their access rights? | You have the right to access information held about you. Please write to us on support@capsulecrm.com and we will compile the information. | An individual may request access to the data you have stored about them in Capsule. This is sometimes referred to as a “Subject Access Request”. Capsule has a Print Summary feature that allows you to export the individual’s contact data and all information held on them, including their entire communication history in one file. |
How does the data subject exercise their right to data portability? | Export. | Export. |
How does the data subject exercise their rights to erasure and the right to be forgotten? | We permit you to delete, rectify and export information you have provided to us, subject to the conditions of our Customer Terms and our legal obligations set out in our Privacy Policy. | When contact data is deleted in Capsule it is stored in the trash for 30 days before being permanently deleted. If a subject requests to have their data immediately the Capsule Super Administrator can opt to permanently delete the record from trash at any point within the 30 days. |
How does the data subject exercise their right to restrict and object? | User personal information is required to identify users to gain access to your account and where requested, for us to assist you in using your account. User data is stored directly on your Customer Account. If a user wants to restrict their use on the service, the Super Administrator should remove them from your service. If a user does not want to receive marketing information from us, they simply tick unsubscribe. However all notices, like invoices and other account related information, must continue to be sent to the Super Administrators. A user’s objection to be on your Capsule account must be directed to your Super Administrators, who are responsible for removing them from the account. | It is your responsibility as Data Controller to document how customers can exercise their right to restrict and object. You must have a process for restricting data should a request be made. You should use methods of restriction that are appropriate for the type of processing you are carrying out. |
Legal
Questions | Capsule's responsibility as Data Controller | Your responsibility as Data Controller |
---|---|---|
Are the obligations of all data processors, including subcontractors, covered by a contract? | Yes. Sub-processors are covered by contracts. | |
Where is data stored, and if the data is transferred outside the European Union, what are the protective measures and safeguards? | Our servers and your data are hosted securely with Amazon Web Services (AWS) in the United States. We have a Data Processing Addendum agreement with AWS that enables transfer of data to AWS in accordance with data protection laws. Your data will only be transferred to a country that the European Commission has determined provides an adequate level of protection, or to service providers who have an agreement with us that also provides an adequate level of protection under data protection laws. Further information on Standard Contactual Clauses can be found in the UK Information Commissioner’s Office (ICO) guide. Your data will only be transferred to a country that the European Commission has determined provides an adequate level of protection, or to service providers who have an agreement with us committing to the Standard Contactual Clauses defined by the European Commission, or certified under the Privacy Shield. | |
Do we have legal structures in place to protect the data subjects? | Yes, Customer Terms and Privacy Policy. | Yes, Customer Terms and Data Processing Agreement. |
Risks
Questions | Capsule's responsibility as Data Controller | Your responsibility as Data Controller |
---|---|---|
What is the likelihood of the data subjects data being misused, mis-accessed, or breached? And what steps have been taken to mitigate those risks? | We have robust internal processes to ensure prompt installation of security updates and protection of our assets including 2-factor authentication to sensitive systems. We also engage a 3rd party penetration testing organisation to validate our security and review our application code. | While we are able to secure our servers you as the data controller for your account have a responsibility to ensure your team also follows good security practice. For example making sure that each service they use has a unique strong password and consider enabling 2 factor authentication. You can learn how to enable here. Super Administrators are able to manage which users have permission to export data to help the limit exporting of data. |
How can the data subject’s data be modified? | We are unable to modify any data you store on your Capsule account. Our Privacy Policy requires you and your users to keep your personal data up to date. | Subject’s data can be modified by any person you invite as a user on the account. Some integrated services will modify data in Capsule as part of the integration. |
Can the data subjects data be lost? | Our systems automatically replicate your data across multiple locations in real-time to maximize availability. Data is also constantly backed up to ensure we can restore access to your data and the service in the unlikely event that the data replicas in all locations fail at once. | Our systems automatically replicate your data across multiple locations in real-time to maximize availability. Data is also constantly backed up to ensure we can restore access to your data and the service in the unlikely event that the data replicas in all locations fail at once. However these backup cannot account for data loss on your account resulting from the actions of authorised users on your account (either accidental or malicious). Therefore we recommend making use of our Account Export facility to take backups of your data on a regular basis. |