The introduction of the General Data Protection Regulation (GDPR for internationalized companies) is shaking up the digital world by imposing new legislation on all entities collecting data. In other words, it is all companies (regardless of size) and all business sectors that are involved.
The services provided by CaptainVerify are widely used by e-merchants, start-ups or small company whose collection of personal data is essential to the proper functioning of the company and that is why it is crucial that each piece of data is collected, processed, stored and protected properly.
Since CaptainVerify is a third-party player and subcontractor through which your data can transit, it seems obvious that we are doing our utmost to implement the recommendations of the GDPR by deploying means at the height of the security that we owe you guarantee.
In order to continue to offer you services that comply with the rules and legislation that govern our businesses, CaptainVerify is surrounded by a dedicated consulting center made up of experts with specialized and diverse skills: Intellectual Property Law, NTIC (New Information and Communication Technologies), e-commerce Regulation and protection of personal data.
As for our anti-spam policy that the users of the services published by CaptainVerify undertake to respect without restraint or reserve, the new general conditions of use will condition the right to use our verification service without any exception no flexibility be granted.
For existing customers, a communication will be sent to you very soon to submit you the new contractual clauses that will protect your interests and the confidentiality of your data.
The GDPR, applicable from May 25, 2018, establishes the principle of accountability, which brings together a set of best practices to improve data protection. While this basic principle was already mentioned in pre-GDPR texts such as the OECD in 1980, the ISO 29100 standard or the Madrid International Conference Standard, today it is based on three main principles in which the GDPR finds its foundation:
As an entity collecting personal data, it will be necessary to be able to provide 3 types of GDPR registers:
As a subcontractor, CaptainVerify has put in place a list of treatments carried out on personal data which is mapped into 3 main categories of treatment:
This registry is regulated and we make sure it contains all the information that needs to be kept.
Our actions demonstrate that compliant GDPR measures have been taken and we are able to prove that they have been implemented properly.
In keeping with the principle of flexibility and updating of data, the platform CaptainVerify has applied a policy of reduction of stored user data. Today, we can guarantee the security of your data at many levels:
All data stored and related to user files and processed files is encrypted
A policy for reducing stored personal data is already in place to collect the minimum amount of customer information and to keep it for the 90-day regulatory period
Your bank details do not pass at any time through our service since the payment system is made by Braintree subsidiary of Paypal.
Access to platform client and user data is limited to only access by CaptainVerify employees and is protected by encryption
You have the ability to simply control your data. Access, rectification or erasure of your data can be done at any time via our contact form.