The General Data Protection Regulation, or GDPR, is a European privacy law that will go into effect on May 25, 2018 and stipulates rules around collecting, using and retaining personal data. Showit is committed to data privacy and security and this document outlines our current position as it relates to this new regulation.
Showit Website Customers
For users of Showit with a website on our platform, we do not collect user data from site visitors except through our built-in contact form. For customers who want their website to be GDPR compliant, we recommend not using the Showit contact form while we develop changes and instead using an embed code from a platform that collects user data in compliance with EU laws, such as MailChimp (here is their GDPR info). Our Showit servers are hosted with Amazon Web Services and their servers are all GDPR ready.
For Showit users hosting a WordPress blog through our platform, we use WP Engine, which is GDPR ready as well. However, because WordPress is an open platform, you must be aware of the plugins you have installed and their current status as it relates to GDPR. WordPress is currently working on developments in core and across plugins to help facilitate this. Please check any additional plugins you install, especially where they collect data, such as analytics, spam protection, comments, contact forms, newsletter signups or quizzes. The WP WordPress Compliance plugin is also a great utility as you audit your advanced WordPress blog.
Because Showit does not collect data about website visitors if you do not use the Showit contact form, we ask that you refer to the company you use to collect visitor data, such as MailChimp, when it comes to DPA contracts.
Showit is a US-based company that promotes and advertises to US-based customers and operates in US currency. Due to the nature of the Internet and global economy, Showit does have some European customers. This is a small minority of our customer base, but it has meant that we are aware of and working toward understanding the impact of EU laws. As a small company, we are making efforts toward the rigorous demands enacted by the GDPR in the way we collect and track data for our customers, including changes to our platform for signup forms, storage of user data, and staffing to comply. In an effort to be transparent about how Showit stores and maintains customer data, we are disclosing our primary sub-processors. We have our servers on AWS and also primarily use two services to track our user data: Intercom for customer support, which is GDPR ready, and Infusionsoft for email communication, which is also working toward GDPR compliance. If you would like to request that we remove your user data, please contact our support team at firstname.lastname@example.org and they will comply within 30 days as outlined in the GDPR.
If you have any other questions related to GDPR, please feel free to reach out to our support team. You can also request updates, which we will send and post here as they become available.