We created this GDPR section on our website to go over what GDPR means for you and the steps we’ve taken to ensure the protection of your privacy
The EU General Data Protection Regulation (GDPR) comes into effect on 25 May, 2018 and places new obligations on organizations based in the EEA or which hold or process personally identifiable information (PII) about EU residents.
For the purpose of the processing personal data, Splitbill Tech may engage data processors and/or, at its sole discretion, hire other persons to perform certain functions on behalf of Splitbill Tech. In such cases, Splitbill Tech shall take necessary measures to ensure that such data is processed by the personal data processors in accordance with instructions of Splitbill Tech and applicable legislation. Splitbill Tech shall also require the personal data processors to implement appropriate measures for the security of personal data. In such cases, Splitbill Tech shall ensure that such persons will be subject to the non-disclosure obligation and will not be able to use this information for any other purpose, except to the extent necessary to perform the functions assigned to them.
The General Data Protection Regulation (GDPR) was enacted by the European Union to deepen and harmonize personal data protection regulations. Now in effect as of May 25, 2018, it is a comprehensive and clear set of guidelines that acknowledges that different “flavors” of personal data require different levels of protection.
GDPR applies to all businesses irrespective of the region or jurisdiction, no matter where they are based, who collect and process personal data on EU residents. Non-EU companies have to appoint a GDPR representative and will be liable for all fines and sanctions
Some of the key requirements of the GDPR are:
Consent: Organizations must get consent to collect personal data, with the level of consent varying according to the type of personal data being collected.
Data minimization: Responding to years of gratuitous collection of personal data by apps, with no clear purpose in mind, the GDPR stipulates that organizations can only collect personal data that is clearly related to a well-defined business objective. If an organization gathers personal data for one purpose but then decides it wants to use it for another purposes (such as consumer profiling), that could be considered non-compliance.
Individual rights: Another key feature of the GDPR is the very clear rights that it gives data subjects (i.e., the individuals whose personal data is being collected) to understand why their data is being collected and how it is being processed. They have the right to object, to correct—and they have the right to be erased/forgotten. They also have the right to be notified (individually) if their personal data has been breached in a way that could endanger their freedoms and rights.
Splitbill Tech complies to applicable legislation, regulation, statute or order which may apply from time to time relating to the collection, storage and use of Personal Information including (without limitation) the Privacy Act 1988(Cth), the Data Protection Act 1998, the European Union General Data Protection Regulation May 25, 2018 the Privacy and Electronic Communications (EC Directive) Regulations 2003, the Data Protection (Processing of Sensitive Personal Data) Order 2000 and comparable laws, as the case may be in the applicable jurisdiction, or any amendments and/or re-enactments thereof.
This is a notice to inform you of the Splitbill Tech policy about all information that we record about you. It sets out the conditions under which we may process any information that we collect from you, or that you provide to us. It covers information that could identify you (“personal information”) and information that could not. In the context of the law and this notice, “process” means collect, store, transfer, use or otherwise act on information.
We regret that if there are one or more points below with which you are not happy, your only recourse is to leave our website immediately.
Splitbill Tech takes seriously the protection of your privacy and confidentiality. We understand that all visitors to our website are entitled to know that their personal data will not be used for any purpose unintended by them, and will not accidentally fall into the hands of a third party.
Splitbill Tech undertakes to preserve the confidentiality of all information you provide to us, and hope that you reciprocate.
Our policy complies with the English courts accordingly implemented, including that required by the European Union General Data Protection Regulation (GDPR) and data protection regulation.
The law requires us to tell you about your rights and our obligations to you in regards to the processing and control of your personal data.
Except as set out below, we do not share, or sell, or disclose to a third party, any information collected through our website.
The operations of Splitbill Tech are in accordance with the European Union’s General Data Protection Regulation (GDPR), effective May 25, 2018. Splitbill Tech has made the GDPR a priority, and we are and have always been fully aligned with the regulation’s intended result:
Passed in 2016, the new General Data Protection Regulation (GDPR) is the most significant legislative change in European data protection laws since the EU Data Protection Directive (Directive 95/46/EC), introduced in 1995. The GDPR, which becomes enforceable on May 25, 2018, seeks to strengthen the security and protection of personal data in the EU and serve as a single piece of legislation for all of the EU. It will replace the EU Data Protection Directive and all the local laws relating to it.
We support the GDPR and will ensure all Splitbill Tech services comply with the GDPR provisions effective from May 25, 2018. Not only is the GDPR an important step in protecting the fundamental right of privacy for European citizens, it also raises the bar for data protection, security and compliance in the industry so therefore Splitbill Tech is committed to abide by all Data protection regulation
A current list of the companies Splitbill Tech partners with to process data is available, you can contact us for that information.
Our App and services are being updated to help customers comply with the GDPR obligations relating to obtaining and recording consent. Consent check-boxes will be available upon request. Other technology designed to automated data access requests received from guests will be released.
Splitbill Tech has always been committed to ensuring we maintain our customers’ and their customers’ data as securely as possible. Details of our Data Security Policy consistent with our obligations under the GDPR is available on our website terms and condition page.
For contractual purposes, you (a) consent to receive communications from Splitbill Tech Limited in an electronic form via the email address you have submitted; and (b) agree that all Terms and condition, agreements, notices, disclosures, and other communications that Splitbill Tech Limited provides to you electronically satisfy any legal requirement that such communications would satisfy if it were in writing. The foregoing does not affect your non-waivable rights.
You may opt out of such email by unsubscribing or sending an email to email@example.com
In the meantime, if you wish to submit a data request under the GDPR, or have any additional queries, please contact our Splitbill Tech privacy officer at firstname.lastname@example.org