What is GDPR?
It stands for “General Data Protection Regulation” and is designed to help protect consumers like you with regards to how your personal data is used by the businesses you solicit (or whenever you sign up for a 3rd party technology app or platform like Setmore). The regulations govern how your personal data is processed, stored, monitored, shared, and so on. GDPR was enacted in the EU and goes into effect on May 25, 2018.
Setmore is based in the United States but is used by businesses all over the world, including in the UK and the EU. Continue reading for an overview of changes that Setmore has implemented to help meet GDPR compliance, and frequently asked questions, below.
Have any questions or concerns? Email firstname.lastname@example.org.
Requesting Deletion of Personal Data
As a Setmore user and under GDPR, you may request to delete your personal data held by Setmore. We will respond to and fulfill such a request within 30 days after receiving it.
To initiate this process, the Setmore account owner should email a formal written request by email to email@example.com.
Frequently Asked Questions
The following FAQs refer and apply to changes to the Setmore website, products, and services that will go into effect on May 25, 2018.
What tools does Setmore offer to make me or my business GDPR compliant?
The following tools are available to you as a Setmore user to help meet GDPR compliance and build greater trust around privacy issues with your own customers:
Setmore enables you to display your own terms and conditions and/or booking policies in your scheduling instructions. Click here to learn more >
You can customize the email signature for Setmore email alerts and notifications to include links to your terms and conditions and/or booking policies. Click here to learn more >
We expressly notify users at the time of booking an appointment that they may be contacted with messaging deemed operationally essential: “By booking this appointment you will receive appointment-specific communications from Setmore. This may include booking and cancellation confirmations, payment receipts, and appointment reminders via email or SMS.”
You can control email and SMS notifications to your clients on a granular level. Click here to learn more >
We make it possible for you as a Setmore account holder to permanently delete customer, staff, or account data. To make a request of this nature, please have the account holder email a formal request to firstname.lastname@example.org.
In addition, we urge all Setmore users to only capture data that’s absolutely necessary in soliciting customer input on their intake forms. As a Setmore user, you can customize the different intake form fields that appear on your public Booking Page. Click here to learn more >
Does Setmore make it easy for me to view or export my data?
Yes! There are a number of options to retrieve personal or business data from your Setmore account, to facilitate greater data portability in keeping with GDPR guidelines.
If you would like to export staff or service data, please have your Setmore account owner email a formal request to email@example.com.
I’m integrating Setmore with additional services (MailChimp, QuickBooks, etc.). Do I need my customers’ consent to transfer or use their data in those services?
We suggest being thoughtful in your approach to our third-party app integrations and what processing those apps or services will carry out with your customers’ data. In the most scrupulous circumstances, you may need to gain your customers’ consent before you transfer or use their data with a third party integration. The safest course of action may be to deactivate an integration that you suspect may jeopardize your customers’ privacy or infringe on your business’ ability to meet GDPR compliance.
Some suggestions to help tackle this issue: Include a “Terms and Conditions” policy that requires your customers to opt-in to sharing specific articles of personal information, for example: consent to share their email address for the purposes of receiving your email newsletter, which might contain special offers or educational content.
Does using Setmore make me or my business GDPR compliant?
Setmore is usually considered to be a “data processor,” which provides tools to help you and your business become GDPR compliant, but ultimately that responsibility is up to you as the “data controller.” It is important to note that currently there is no official third-party framework in place for certificating GDPR compliance. Setmore is committed to providing industry best standards to meeting our responsibilities under GDPR.
Can I sign a Data Processing Addendum (DPA) with Setmore?
If you’re in the EU or otherwise fall under the purview of GDPR and need to obtain a DPA from Setmore, you can sign our DPA at the following link:
I have unanswered questions, comments, concerns, or GDPR hi-fives. Who can I talk to?
Meeting GDPR compliance is continuing to evolve in nature as technical interpretation of the law develops. Setmore will be phasing in industry best practices to make certain we fulfill our duties under GDPR. Please contact our privacy team at firstname.lastname@example.org with any inquiries.