Hva er personvernforordningen (GDPR)?
The General Data Protection Regulation (GDPR) is a regulation in EU law regarding the privacy and protection of personal data for people within the European Economic Area. Implemented on May 25th, 2018, the goal of this regulation is to grant EU citizens and residents greater control over their personal data and to set up a regulatory framework, or more simply, a single set of rules for data protection for all businesses operating within the EU.
This is great news for every EU citizen! The 99 articles in the GDPR serve to hold organisations responsible for obtaining the individuals’ consent from whom they gather information. Additionally, these individuals should now be able to easily access the information organisations collect about them.
Hvordan påvirker dette SumUps bruk av min informasjon?
SumUp har alltid tatt personvern og datasikkerhet på alvor. Personvernfororningen sørger nå for at du som SumUp-bedrift får bedre innsyn i informasjonen vi har om deg, og krever samtidig at vi får ditt samtykke for å overføre eller behandle din data.
While SumUp may share your data with trusted third parties (acting on our behalf to provide you with our services), SumUp will ensure that these third parties maintain the highest possible standard for data protection and are in line with any applicable data protection legislation via contractual agreements and specific guidelines provided to them. All SumUp merchant data is held securely within the European Union.
I tillegg til å følge personvernforordningen, så er SumUp sertifisert som kompatibel under Payment Card Industry Data Security Standard (PCI-DSS). Dette betyr at SumUp tar ekstra forsiktighet ved behandling av kortholderinformasjon i tillegg til å sikre at vår maskinvare og programvare gir optimal sikkerhet. Denne sertifiseringen etablerer vårt selskaps evne til å opprettholde de høyeste sikkerhetsstandardene tilgjengelig, slik at SumUp-bedrifter kan føle seg trygge i samarbeid med SumUp.
SumUp allows a merchant to request the details regarding the personal information SumUp retains about them by emailing a request to DPO@sumup.com.
Hva om jeg vil at SumUp skal slette litt av eller all min personlige data?
You can request the deletion of some or most of your personal data by emailing us at DPO@sumup.com. We say “most” because SumUp is required by virtue of other legal requirements to maintain some information for periods of time. For example, all transactional data has to be maintained per Anti-Money Laundering rules 5 years after the relationship between SumUp and the merchant has ended.
Should you desire to withdraw your consent to the processing or the sharing of your personal data, please know that we will not be able to provide you with our services. Per the GDPR, we cannot legally provide you with our services without your consent. Additionally, on an operational level, SumUp requires your consent as we rely on numerous third parties to provide you with our services. For example, your consent allows banking partners to provide the payment services between you and your customers as well as your own payment settlements.
Additionally, you can withdraw your consent to receive supplementary marketing communications at any time, and this will not affect the service we provide to you.
We can assure you that we will continue to only send relevant and (we believe) interesting merchant-related updates, tips and offers that will enhance your business.
Do I need a Data Processing Agreement (DPA) between SumUp and my business?
Note that SumUp has put into place DPA’s with all of the third-party data processors with whom we may share your data in order to provide you with our services.
Ønsker du mer info?
Send en melding til SumUps kundeservice eller kontakt SumUps databeskyttelsesansvarlige, når som helst.
Post: Data Protection Officer, SumUp Payments Limited, 32 - 34 Great Marlborough St, W1F 7JB, London, United Kingdom