GDPR, data & access (VP)

GDPR
Let's Get Digital is fully GDPR compliant. The privacy statement can be found on: https://letsgetdigital.com/en/privacy-policy/​

All the data is only saved strictly within the European Union. All data is removed from our servers within 3 months after the event. If an event manager wishes to remove this data earlier, this is also possible.
Overview all data
This section gives a short overview of the type of data which can be saved into the Let's Get Digital environment.
Users
By default email-address + first/last name is used, but this can be extended by any custom fields.
Custom fields which are enabled by default and can be completed by the user:
- User image
- Company name / company role
- Phone number
- Description
- Birth date
- Gender
- LinkedIN Profile

Note: Birthdate & Gender input can be turned off.

Example's of fields which can be enabled:
- Favourite meal
- Political interest
- Address
- Twitter Profile

Note: Event managers can choose the privacy settings of the users and users, themselves, can decide which other users they will share their data with. If two people make connections with each other within the platform, then their information will be shared between them.
Presentations
During virtual presentations the presenter can use different materials for their presentation:

- Audio/Video input
- PowerPoint presentations or other PDF's
- YouTube video's or MP4 files
- Files

If the presenter(s) choose so, the aforementioned material will be shared with others users who are present in the given room. Event managers can limit the room-access of different users to ensure that only the right, or appropriate users may access a given room.
The presentations can be recorded by the event manager or speaker. The recordings can be downloaded later by the event manager(s). It's also possible that event managers choose to activate the Video On Demand module, which enables all users to access the recordings after the event.
One2One Video chats
One2One video chats are possible within the platform and cannot be recorded within the platform.
Note: A One2One video chat can be recorded by the user themselves, if the user has video recording software on her/his computer.
Access
The Let's Get Digital platform recognizes 3 types of users; Administrators, Hosts and Users. This section describes the rights of each user type and how they log in.
Administrators
Administrators can control the whole system. They choose who gets access, which content the event consists of, and can see the activity of users within the platform. There is only one exception to this - the content of the private one-to-one chats. This content is not shared with the event manager(s). Administrators can control the whole system. The choose who gets access, which content the event has and can literally see everything what is being done in the platform. There is only 1 exception on this one; the content of the private one-to-one chats. This content is not being shared.
Administrators get access by using a hashed password. 
Users
Users can't control any content in the system and can only have access to data that the administrator(s) have given them access to. Users can share data which each other if they make a mutual connection.
Users get access by an access link which is sent at a specified time pre-event. This access link can theoretically be shared with other people, but only one person at a given time can enter the Lets Get Digital platform using this information.
Hosts
Hosts have the same rights as Users. However, they additionally have speaker rights in their respective presentation rooms. This means that they are allowed to upload their presentations/start recordings, etc.
Hosts have the same access method to the platform as Users.
Technical / organizational measures 
All Let's Get Digital servers are located in the Netherlands. All our software is in-house, and only our own employees can access it. If they want to access it, access is always given for a maximum of 24 hours and we keep track of who has been there at what time (Logging). 
All our systems communicate through a secure connection. 
Our apps use certificate pinning and certificate chain validation to prevent other third parties from acting as Let's Get Digital. 
Our software is designed using the by design principle. Apart from human adjustments, the privacy of the software is therefore guaranteed. 
Our platform is daily exposed to hackers via the Hacker1 platform. The moment our system contains a data breach and this is detected by one of the hackers of Hacker1, we are aware of this without abuse.
Our employees get access to the data of a specific event per 24 hours and only when this is necessary to help our events with the correct functioning of the application. 
Our data is stored strictly separated per event. At the moment of a leak, this is limited to a single event. 
All data will be rendered unusable within three months after the event. This means that all data is overwritten and made anonymous, so that it cannot be traced back in any way, neither for Let's Get Digital employees, nor for the organization of events, nor for external parties. 
We have a firewall on the entire system. From the outside, only port 80/443 is accessible.
Subcontractors
We use the following subcontractors:
Name
Service
SambaLive
In platform webinar Software
TransIP
Hosting
Digital Ocean
Hosting
Daily.co
One-To-One Video chatting
Firebase
Messaging
What for information do the subcontractors receive?
SambaLive receive the first and last name of the users. Daily.co and Firebase don't receive any personal data of the users at all. 
All personal data is stored at TransIP and Digital Ocean in server located in the Netherlands. The servers are only accessible by Let's Get Digital. 
​

VPN (VP)

Whitelisting (VP)

Last modified 1yr ago

Copy link

Outline

GDPR

Overview all data

Access

Technical / organizational measures

Subcontractors