How does GDPR affect me as an app owner?
In May 2018, when the GDPR takes effect, the EU will set forth stricter privacy guidelines. After it comes into effect, your app users may approach you with a request to access, edit, or remove any personal data that may be stored on your app. It is important that you comply with the GDPR requirements, so we suggest that you familiarize yourself with the guidelines and understand their impact on your app.
If a user, in particular an EU citizen, approaches you about their personal data, here is what we suggest you do.
- Confirm their identity.
  Ask them for the details of their proof of identity in order to offer them a layer of security.
- Let them know that you are processing their request.
  Send an email to your users and let them know that you are taking care of their query or request.
- Be prompt about fulfilling their request.
  After you have confirmed the user’s identity, you can take the following steps:
  - If the request is about editing or deleting their personal data, fulfil it without delay. This must be done within a week; never take more than 30 days for it.
  - If the request is to access their personal data, send it within 30 days, and send it only to the email ID or the channel that they used to approach you.