What is the GDPR?
The General Data Protection Regulation, or GDPR, is a new law in the European Union. It took effect on May 25, 2018.
The GDPR gives people in the EU greater control over their online data and adds new requirements for businesses that handle that data. Those requirements affect both the companies that control the data, including some Acuity customers, and the companies that process it, including Acuity.
What is Acuity doing about GDPR?
Acuity is taking a variety of steps as a result of the new regulations, including updating our terms and policies to be GDPR compliant. As interpretation of the new law continues to evolve, particularly around technical gray areas, we will attempt to implement emerging best practices to ensure Acuity fulfills its responsibilities under the GDPR.
What do I need to know about GDPR and Acuity?
- Published a Data Processing Addendum, or DPA, to address how we process data on your behalf. After you accept our updated Terms of Service, the agreement is in effect.
- Acuity allows you to display terms and conditions in your scheduling instructions. You can use Intake Forms to get explicit consent to you terms from clients. And you can require clients agree to your terms before buying a package or signing up for a subscription.
- If you need to delete a client to comply with the GDPR, you can do so in the Client List. You can delete clients in bulk and delete inactive clients, as well.
- If you need to export data to comply with a client’s data portability request, you can do so in the Import/Export section.
Does using Acuity make me GDPR compliant?
Acuity is a tool that can help you be GDPR compliant, but being GDPR compliant is ultimately up to you. How you use and configure your account, as well as which data you collect, will play a role in your compliance. As mentioned above, there are several specific areas of Acuity that can help with these solutions.