GDPR FAQ

Effective starting: May 25, 2018

Frequently Asked Questions:

What does GDPR mean?

GDPR is the European Union (EU) General Data Protection Regulation.  It replaces the Data Protection Act 1998 in the UK and the equivalent legislation across the EU Member States.

What does GDPR do?

Ultimately, it protects your rights as it pertains to your personal data.  GDPR is founded on principles that require having your personal data processed lawfully, fairly, and in a transparent manner in relation to you, the individual.  It outlines your individual rights concerning your personal data.

When does GDPR go into effect?

GDPR goes into effect May 25, 2018.

What businesses need to comply with GDPR?

GDPR compliance will apply to any organization, wherever located, that uses the personal information of EU residents to market them or “monitor” their behavior.  By contrast, the predecessor to GDPR was the EU’s 1995 Data Protection Directive and privacy compliance only applied to businesses if they operated or conducted information processing through facilities in the EU. 

What is Pragmatic’s role in GDPR?

Pragmatic is considered a Data Controller when using a service or application from a third-party service provider.  When Pragmatic is using its own services or applications, Pragmatic is the Data Processor.

What is my role (the Customer) in GDPR?

The Customer is considered a Data Subject when Pragmatic is using a service or application from a third-party service provider.  In these instances, Pragmatic is the Data Controller and the third-party service provider is the Data Processor.  When Pragmatic is using its own services or applications, Pragmatic is the Data Processor and the customer is the Data Controller.

What constitutes Personal Data?

There is no definitive list of what is or is not personal data.  Essentially, personal data means any information relating to an individual or identifiable natural person (‘Data Subject’).  Think of it as any information that can be used to directly or indirectly identify you.  It might be an email address, a name, a computer IP address, posts on our Community or Help Center sites, and more.

How do we handle your Personal Data?

The amount of personal data we need to provide our services to you is quite minimal and described further in our Privacy Policy.  The essential personal data we collect are name, phone number and email address and this is primarily required to provision you to our services and to manage your support expectations and service experience.

What are my rights in relation to my Personally Identifiable Information?

If you reside or are located in the European Economic Area (EEA), you have rights to request that we provide access or delete or have a copy of any personally identifiable information we have about you, and you can of course update it.  You can also choose whether or not you wish to receive material (i.e. emails from us) or provide it to third-party providers. If, after these updates, the service can still be delivered to you in its intended state, you can request to restrict the way that we process your personally identifiable information.

What is the age of consent under the GDPR?

Under the GDPR, the default age at which a person is no longer considered a child is 16, but it allows member states to adjust that limit to anywhere between 13 and 16.