Your Account

EU General Data Protection Regulation (GDPR)

Overview

General Data Protection Regulation (GDPR) is a new global data protection rights for individuals in the European Union, Iceland, Lichtenstein, and Norway. Clubhouse values your privacy and the security of your data, and is working with counsel to satisfy the requirements of this legislation.

Requirements include:

  • How consent for data collection and processing must be obtained
  • How data subjects may exercise their rights regarding personal data
  • What must be done to demonstrate that data is processed and secured in accordance with the GDPR

For more detail about the regulations, you can visit the official EU site.

When did this take effect?

The new regulations took effect on May 25, 2018.

Who does this impact?

This impacts Clubhouse along with most of Clubhouse’s customers.

Is Clubhouse a data processor or a data controller?

Clubhouse is both a data processor and data controller. We process our customer’s customer data and control the data of our customers that log intoClubhouse. We have certain requirements and liability for both.

Individual Rights

There are 8 data subject rights under GDPR:

  • Right to be Informed
    This right emphasizes transparency to individuals and provides an obligation to provide ‘fair processing information’ while using clear and plain language at the time the customer obtains consent to begin collecting personal data.
  • Right of Access
    This right helps individuals access their personal data so they are aware of and/or verify the lawfulness of the processing.
  • Rights related to Automated Decision Making
    This right provides safeguards to individuals against the risk of a potentially damaging decision to be taken without human intervention.
  • Right to Object
    On certain grounds, this right provides an individual to object to data processing for the purposes of profiling or direct marketing.
  • Right to Rectification
    This right states that individuals are entitled to have personal data rectified if it is inaccurate or incomplete.
  • Right to Erasure
    This right enables an individual to request the deletion of personal data if it is no longer necessary or the data subject withdraws consent.
  • Right to Restrict Processing
    This right provides individuals to have a right to ‘block’ or suppress processing of personal data.
  • Right to Data Portability
    This right allows individuals to obtain and reuse their personal data for their own purposes across different services.

How to Invoke Your Rights

If you need a Data Processing Agreement (DPA) or otherwise have a request to invoke any of your rights as listed above, contact the Clubhouse support team at privacy@clubhouse.io from the email address associated with your account. 

Since Clubhouse is also a data processor, you may have a customer who needs to be removed from your Clubhouse account. In this case, you should still contact the Clubhouse support team at privacy@clubhouse.io to process this request.

Note: Requests for Erasure & Data Portability Rights will take up to 30 days to help meet required compliance timelines.

In the event of a GDPR Breach

In the event of a breach, Clubhouse will contact the affected Clubhouse account owners and immediately trigger remedial action to ensure compliance. Throughout this process, Clubhouse has added procedures to ensure effective communication with the affected customers.

Additional Questions

For any additional questions or concerns about Clubhouse’s approach privacy, security, certifications, or GDPR compliance plans, please contact us at privacy@clubhouse.io.

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk