The General Data Protection Regulation, or GDPR, is a European privacy law that went into effect on May 25, 2018 and stipulates rules around collecting, using and retaining personal data. Showit is committed to data privacy and security and this document outlines our current position as it relates to this regulation.

For users of Showit with a website on our platform, we do not collect user data from site visitors except through our built in contact form. For a customer who is wanting their website to be GDPR compliant, we recommend not using the Showit contact form while we develop changes and instead use an embed code from a platform that collects user data in compliance with EU laws such as MailChimp (here is their GDPR info). In addition, Google Fonts (which are available inside of Showit) are not GDPR compliant. Therefore, for a website published from Showit to maintain GDPR compliance, custom fonts would need to be uploaded and used throughout one's website. Our Showit servers are hosted with Amazon Web Services and their servers are all GDPR ready.

For Showit users hosting a WordPress blog through our platform, we use WP Engine which is GDPR ready as well. However, because WordPress is an open platform, you must be aware of the plugins you have installed and their current status as it relates to GDPR. WordPress is currently working on developments in core and across plugins to help facilitate this. Please refer to any additional plugins you install especially as it relates to collecting data such as analytics, spam protection, comments, contact forms, newsletter signups or quizzes. The WP WordPress Compliance plugin is also a great utility as you audit your advanced WordPress blog.

Because Showit does not collect data about website visitors if you do not use the Showit contact form, we ask that you refer to the company you use to collect visitor data such as MailChimp when it comes to DPA contracts.

We can't offer legal advice but a big concern to consider as it relates to GDPR is if you collect personal data and download or export into another site or system. When you identify this, be sure that you create a page on your site that contains a privacy policy that includes the information you collect, why, who you share it with and any other info required by GDPR. This privacy policy is one of the keys to making your website GDPR compliant.
​
​Showit Platform
Showit is a US based company and promotes and advertises to US based customers and operates in US currency. Due to the nature of the Internet and global economy, Showit does have some European customers. This is a small minority of our customer base but has meant that we are aware and working toward understanding the impact of EU laws. As a small company we are making efforts toward the rigorous demands enacted by the GDPR in the way we collect and track data for our customers including changes to our platform for signup forms, storage of user data, and staffing to comply. In an effort to be transparent about how Showit stores and maintains customer data, we are disclosing our primary sub-processors. We have our servers on AWS and also primarily use two services to track our user data: Intercom for customer support and they are GDPR ready and ConvertKit for email communication which is GDPR compliant as well. If you would like to request we remove your user data, please contact our support team at help@showit.com and they will comply within 30 days as outlined in the GDPR.

If you have any other questions as it relates to GDPR, please feel free to reach out to our support team and you can request updates which we will send and post here as they become available.