Tyso & GDPR
Tyso is committed to online privacy. In fact, privacy has been one of our core values since inception. We live this value within our business and our work with others. For example, we have a longstanding partnership with privacy-focused organizations. Why? Because we deeply believe in the right to privacy for every individual and we are committed to providing it.
In May 2018, the General Data Protection Regulation (GDPR) came into effect for the EU and EEA. The GDPR embraces many of the privacy rights. For those of you within the EU and EEA, this page will help you understand GDPR and our compliance with it.
While complex, among other things, the GDPR codifies three essential rights: Consent & Control, Security, and the Right to be Forgotten.
- Transparency, Consent & Control. Clear, informed consent and individual control over the use of personal data are basic rights in the GDPR. This means that companies must inform individuals of the data they are collecting and how they are using it. Where there is not a contractual requirement for a company to obtain the information, individual, informed consent must be granted.
- Security. Individuals are entitled to having their data kept securely. This means that, if a security breach occurs that puts personal data at high risk, companies must notify individuals as soon as possible.
- Right to be Forgotten. The GDPR also provides that an individual can request to have their information deleted (also known as the Right to be Forgotten.) There are limitations to this right for example when data must be kept due for reasons of public interest, contractual requirement or when it relates to legal claims.
Information Collected: Tyso.
At Tyso, we collect information for two primary reasons. First, we collect information contractually necessary to execute purchases. This includes basic account information and payment information. It also includes information that must be shared with third-party service providers, such as Google Analytics.
Information Collected: Third-Party Products & Services.
Some information that we collect, must be shared with third parties.
For some products or services that you purchase, data will be collected directly by the third-party service provider and they will be considered the Data Controller for GDPR purposes. This will be true for most products and services purchased on our Apps Marketplace. Data collected by these third-parties directly will not fall under Tyso’s GDPR responsibilities.
At Tyso, We Go Further.
While the GDPR establishes rights for EU citizens, Tyso has been providing and advocating for those rights for quite a long time. We view them as just one of the ways in which we continually protect our customers. Protecting our customers means much more to us than simply privacy.
We see ourselves as your frontline defender for privacy, freedom of speech and due process. This means that you can also be assured that we will protect our customers’ right to freedom of speech. It also means that we will not disclose any personal information about our customers unless required by law or pursuant to a court order or subpoena. We will also fight against requests for information that is overly broad or intrusive to our customers.
At Tyso, privacy is one of the pillars of rights we protect on behalf of our customers. We welcome the implementation of the GDPR and we will continue to strive for ways to deliver beyond it.