How does Implio comply with GDPR?

With the General Data Protection Regulation (GDPR) that has come into effect in the EU on May 25, 2018, Besedo has been hard at work to ensure compliance and provide your organization with the tools needed to support the new regulation.

Data & Privacy features

The following features are available in Implio:

  • the ability to remove all content items that originate from a specific end user, allowing you to handle any right to be forgotten request you may receive from your end users,
  • the ability to remove all content items submitted to your Implio team to date, in case you are no longer it or want a fresh start,
  • configurable retention policies, allowing you to control how long Implio stores the content you are sending.

These features are available in your Team settings, under the Data & Privacy settings section, when logged in as a team administrator.

API for programmatic content deletion

In addition, an API for deleting content items programmatically is available. This allows your servers to instruct Implio to delete content in reaction to certain events on your site.

The corresponding API endpoint (DELETE /v1/ads) supports 3 different types of delete requests:

  • delete by user id: delete all items tied to a given user (specified by its id), allowing right to be forgotten (GDPR) requests from end users to be handled automatically.
  • delete by task id: delete a specific item (specified by a task id) and remove it from any manual moderation queue.
  • delete by from/to dates: delete all items submitted to Implio between specified from and to dates.

Complete documentation for delete requests is available in our API documentation.

More about how we handle your data

Data privacy and security is of paramount importance for Besedo. Here are some of the additional precautions we take to protect your data:

  • All content is stored in the EU if your service is located in the EU.
  • All content is encrypted when stored and transmitted.
  • Only a limited number of Besedo employees have direct access to your data, based on the requirements of their assignments.
  • We do not transfer data to third parties. The only third parties involved with handling your data is our hosting providers, Amazon Web Services (AWS) and, for some of our clients, MagicOnline.

We strive to meet and exceed GDPR requirements, and to have a clear and transparent approach to how we handle your data.

Feel free to reach out to us for any other question you may have.

Was this article helpful?

Can’t find what you’re looking for?

Our customer care team is here for you.