QuickHelp has been GDPR compliant since the May 25th, 2018 deadline. But what does this actually mean to you and your users?
Privacy by Design
Privacy by Design ensures that companies, like BrainStorm, consider data privacy during all design stages of projects, giving EU users power over their own data.
End-users in the EU are required to accept Terms and Conditions, which discloses the data QuickHelp collects, and how it will be used.
NOTE: If an EU end-user chooses not to accept the Terms and Conditions, the user will not be granted QuickHelp access.
End Users in the EU are also required to opt-in to receive QuickHelp emails. The “opt-in” dialog is presented the first time an end-user logs in to QuickHelp.
WARNING: If an EU end-user DOES NOT opt-in when they login to QuickHelp for the first time they will not receive QuickHelp emails unless they change their personal settings as shown below. However, they will not receive any custom communications sent to groups and will not be able to personally change their own opt-in. A support ticket will need to be created to change their opt-in setting.
Email settings can be modified after the fact. Here's how:
- QuickHelp > Settings > Notifications
- Change notification settings, as needed
- Save
NOTE: End-users are not able to disable the email that will Engage users when inactive, as it is controlled by the organizational QuickHelp Administrator.
Portability and Access
Portability and Access grants EU users the ability to obtain their personal data.
End Users (EU or otherwise) can request their individual QuickHelp usage data. This includes, but is not limited to:
- Assets Viewed
- Events Attended
- Assignments given by organizational Admins
- Shared Content
- Responses to Assessment questions
- Emails received
- etc.
To request personal data:
- QuickHelp > Settings > Privacy & Data
- Click Request Data
The end-user will receive an email with a link to their data within 72 hours of the request.
NOTE: End-users must wait at least 72 hours between each data request.
Right to be Forgotten
With the right to be forgotten, EU users can have their personal data deleted if they no longer desire it stored by a 3rd party such as QuickHelp.
End-users in the EU can delete their own QuickHelp account.
- QuickHelp > Settings > Privacy & Data
- Click Delete Data
- In the Wait, before you go... confirmation dialog, click either Continue or Cancel
User data will be removed from QuickHelp within 72-hours of the deletion request. The only data kept will be the user email, the date/time the request was made, and the date/time the information was removed. This is to confirm that the deletion request was completed.
NOTE: All organizational QuickHelp User Admins will receive an email notification when a user requests their account to be deleted.
If at a later date, the end user wants to re-engage with QuickHelp, the user can create a new account via Single Sign-On (SSO) or self-provisioning. The end user must wait until the previous account has been deleted (72 hours after the initial request) before creating a new account. This will truly be a new account, as no historical data will be preserved.