All Collections
GDPR & Data Security
GDPR - how Bookwhen is compliant and how we're helping you
GDPR - how Bookwhen is compliant and how we're helping you
The actions Bookwhen has taken to ensure compliance with the GDPR
Jen avatar
Written by Jen
Updated this week

This article covers:

Bookwhen as your data controller

As your data controller, we have:

  • Renewed and updated our privacy policy.

  • Given you the option to opt-in to any future marketing-related correspondence. You can do that via your email preferences.

  • Given you the ability to 'pause' the processing of your data by Bookwhen. See the data processing section on your profile page.

Bookwhen as your data processor

As your data processor, we have:

  • Provided an action list to help ensure you're compliant as the data controller of your customers.

  • Created special consent fields, which you can easily add to your booking forms, so you can easily ask your customers to opt-in to marketing messages and agree to your privacy policy.

  • Ensured your customers can exercise all of their data rights, namely to: - amend any of their data, get a report on all of their data held on your Bookwhen account, have the right to have that personal data deleted and object to the processing of that data. All of these functions will be available soon via the new Customer List, but in the meantime, Bookwhen will happily perform any of these requests on your behalf.

  • Employed the highest standards in terms of data security and protection, including: - having a 'cloud' database located in London provided by the best-in-class Google Cloud Platform; having a strict data security organisational hierarchy meaning you can only access personal data from your account, by limited individuals at Bookwhen and usually in anonymised or pseudonymised form; giving you the ability to delete customer data after a certain period automatically; having an apparent 'security incident' protocol, including the reporting of any data breaches; and educating all Bookwhen staff on GDPR via a 12-hour course.

  • Created a Data Processing Addendum. If you'd like to request a copy, please get in touch with the support team via live chat or email.

✨ If you have any questions or feedback, please get in touch with the support team via live chat or email.

Email support

Return to the top

Did this answer your question?