Ändringar i vårt databehandlingsavtal

Vi har gjort ändringar i vårt databehandlingsavtal i och med att vi påbörjat ett samarbete med en ny underdatabehandlare. Då vi försöker hålla vårt juridiska arbete till ett minimum, är följande förklaring av ändringarna på engelska.

Vi har kunder i hela Skandinavien, Tyskland och England och därför kommer databehandlingsavtalet framöver endast att finnas tillgängligt på engelska. Vi hoppas att du har förståelse för detta.

Legal stuff about data processing and GDPR is important and can be complicated. For the sake of simplicity we’re publishing this message in English for all of our customers to read across all the countries we sell Smartplan.

I hope you bear with me that this message isn’t in Danish, German, Swedish, Norwegian etc.

For legal and simplistic reasons we’re also changing our DPA to only be published in English.

Why are you using a sub-processor in the US?

With the Schrems II verdict, we moved our sub-processors to the EU. Our main data processing were already in the EU, but email sending and SMS sending was handled by sub-processors in the US.

This move has only caused us frustration as our email provider doesn’t live up to our level of quality. The result is delayed emails and emails not being delivered.

As the EU has worked out a way for us to now use a sub-processor in the US without losing our GDPR compliance, we are now announcing that we will be starting to use Postmark as our sub-processor for email sending.

We’re only doing this, because we feel just as safe with this specific company located in Chicago. This isn’t another Silicon Valley company harvesting your privacy to sell or profit from ads. This is a company much like us. People first with a focus to enhance peoples lives not harvest them.

Not only do we trust them, we also know they take data privacy seriously. Please read on.

Postmark has implemented SCC’s to comply with the EU laws on GDPR.

A few touchpoints that we have emphasized during our assessment of why we trust them:

  • Postmark has implemented Standard Contractual Clauses to comply with the requirements of Regulation (EU) 2016/679 of the European Parliament. This will ensure that the data transfer mechanisms are in place as well as a legal basis to do the international transfer.
  • Postmark states the following: “Data transferred from our customers to our servers is encrypted via SSL that is configured to meet or exceed all industry standards. Cold data at rest is encrypted with 2048-bit RSA.

    Even though Postmark itself has not undergone a SOC audit, our data center has. We can provide a copy of the SOC report for the data center after completing an NDA.”

  • Postmark states: “The data centers we use demonstrate ongoing compliance with rigorous international standards, such as ISO 27017 for cloud security, ISO 27018 for cloud privacy, SOC 1, SOC 2, and SOC 3, PCI DSS Level 1, and more”

These are just a few. You can read about Postmarks security in more detail here.

Postmark will be replacing Sendinblue as our sub-processor for transactional emails. (Email notifications from Smartplan).

We have published a new version of our DPA on your account.

You can go to “Settings” and to the bottom of the page to download. We have also published it publicly on our website here.

Varför är Smartplan något för ditt företag?

Vi gör jobbet åt dig

Upplever du att det är krångligt att byta från Excel eller ditt nuvarande system behöver du inte oroa dig. Med Smartplan kommer du igång inom några minuter.

Flexibilitet, bekvämlighet och enkelhet

Smartplan är verktyget för lätt och flexibel schemaläggning. Lär dig vårt enkla system i dag.

För att priset spelar roll

Låga priser och inga förpliktelser är viktigt för dig och du behöver inte en massa onödiga verktyg.