GDPR

  »   GDPR

Overview

The General Data Protection Regulation (GDPR) is a European privacy regulation that aims to strengthen the security and protection of personal data in the European Union (EU).
We SpotCam collect and store personal data of EU citizens are considered data controllers under the GDPR. Data controllers bear the primary responsibility for ensuring that their processing of personal data is compliant with relevant EU data protection law. This document describes how SpotCam products and service fulfil our obligations as a GDPR data controller under GDPR.

GDPR Implementation

Since our inception, SpotCam’s approach has been anchored with a strong commitment to privacy, security, compliance and transparency. This approach includes comply to EU data protection requirements, including those set out in the General Data Protection Regulation (“GDPR”), which becomes enforceable on May 25, 2018. Our commitments to comply with GDPR guarantee that customers can:
  • Respond to requests from data subjects to correct, amend or delete personal data.
  • Be made aware of and report personal data breaches to relevant supervisory authorities and data subjects in accordance with GDPR timeframes.
  • Demonstrate their compliance with the GDPR as pertaining to SpotCam’s Services.

SpotCam GDPR Product Readiness

The General Data Protection Regulation (GDPR), which goes into effect on May 25, 2018, provides data subjects with an array of privacy rights, which provide individuals with greater transparency into and control over uses of their personal information
At this point, you may be asking how SpotCam’s products align with these privacy rights and where you can learn more about the features and functionality made available in SpotCam’s products that support a GDPR compliance program.
Below are those features and functionality available in each of SpotCam’s products that can support GDPR compliance.

Transparency and Accountability

Purpose of the GDPR Obligation
Ensure transparent communication with data subjects regarding the processing of their personal data.
Ensure data subjects are notified of their rights under the GDPR.
Features/Functionality to Work Toward Compliance with the GDPR Obligations That Affect You
SpotCam’s Privacy Policy provide a transparent notice to inform its customers.
Exceptions to the GDPR Obligation
SpotCam (data controller) is exempt from these obligations if it cannot identify which personal data in its possession relates to the relevant data subject (i.e., if personal data is anonymized and cannot be re-identified).

Access and Rectification

Purpose of the GDPR Obligation
Allow data subjects to require SpotCam to rectify any errors in their personal data.
Features/Functionality to Work Toward Compliance with the GDPR Obligations That Affect You
SpotCam have access to their profiles to amend inaccuracies.
SpotCam have access to their profiles to amend inaccuracies.
SpotCam have access to their profiles to amend inaccuracies.

Right to be Forgotten

Purpose of the GDPR Obligation
SpotCam with the right to delete their personal data if the continued processing is not justified.
For example, SpotCam may need to delete customer’s personal data to comply with our GDPR obligations.
Features/Functionality to Work Toward Compliance with the GDPR Obligations That Affect You
  • Account information deletion: Users can contact support@myspotcam.com and ask us to help them delete the account information from SpotCam server (AWS or GCP)
  • IFTTT connection Deletion: User may connect their SpotCam account with IFTTT, to remove the connection, please contact IFTTT support team.
  • CONRAD connect Deletion: Users may connect their SpotCam account with CONRAD Connect service, to remove the connection, please contact CONRAD Connect support team.
  • Amazon account connection Deletion: Users may connect their SpotCam account with Amazon Alexa service, to remove the connection information, please contact Amazon support team.
  • Google Home connection Deletion: Users may connect their SpotCam account with Google Assistant, to remove this connection information, please contact Google support team.
Exceptions to the GDPR Obligation
SpotCam is not required to delete data, except when one of the following reasons is present:
  • The personal data is no longer needed in relation to the purposes for which it was collected or otherwise processed.
  • The data subject withdraws consent, and there are no other legal grounds for processing.
  • The data subject objects to processing, and there are no overriding legitimate grounds for processing.
  • The personal data has been unlawfully processed.
  • The personal data has to be erased for compliance with a legal obligation.
  • The personal data has been collected in relation to the offer of information society services to a minor under 16 years old.

Restriction Processing

Purpose of the GDPR Obligation
Provide data subjects the right to limit the purposes for SpotCam can process personal data.
For example, customer has filed a complaint or lawsuit against us, and our policy is to stop processing while the complaint or lawsuit is pending.
Features/Functionality to Work Toward Compliance with the GDPR Obligations That Affect You
SpotCam has limited the processing of personal data to only certain specified uses relating to SpotCam products and specific third-party services.
Such like AWS, Google (GCP, Google analytics), IFTTT and CONRAD Connect.
Exceptions to the GDPR Obligation
The requirement to restrict processing generally applies under the same circumstances as the right to be forgotten and/or when the following circumstances exist:
  • The accuracy of the personal data is contested (and only for as long as it takes to verify that accuracy).
  • The processing is unlawful, and the data subject requests restriction (and the data subject is not exercising the right to be forgotten).
  • SpotCam no longer needs the personal data for the original purpose but still requires it to establish, exercise, or defend a legal right.
  • Verification of overriding ground is pending (in the context of a deletion request).

Data Portability

Purpose of the GDPR Obligation
Provide data subjects with the right to transfer their personal data between SpotCam.
For example, our customer requests for us to export and provide them with all associated personal data that we store.
Features/Functionality to Work Toward Compliance with the GDPR Obligations That Affect You
User can contact support@myspotcam.com and ask agent to help them export the account data and information.
Exceptions to the GDPR Obligation
Inferred and derived personal data (e.g., a credit score or health assessment) are not included because they are not “provided by the data subject.
SpotCam is not obligated to retain personal data simply for the purposes of providing a copy of the personal data pursuant to a potential data subject request."

Objection to Processing

Purpose of the GDPR Obligation
Provide data subjects with the right to transfer their personal data when user ask SpotCam to provide.
Features/Functionality to Work Toward Compliance with the GDPR Obligations That Affect You
SpotCam has documented and implemented internal mechanisms to:
  • Cease processing personal data based upon specific data subject requests, confirmed instructions by SpotCam’s customer in its capacity of SpotCam, and the particular reasoning for objecting to processing.
  • Cease processing for direct marketing purposes upon request.
  • Cease processing of personal data for scientific, historical, or statistical purposes.

Subscribe to our newsletter for news and promos:

SSL Certificate geprüfter Lieferant

© SpotCam Co., Ltd. All Rights Reserved.