BizToolKit & GDPR

Introduction

ThrivExcel is committed to protecting the privacy of our users and their customers. We stay appraised of developments in data protection laws to ensure that you can be confident in your safety while using our platform.

This page is intended to explain what the rules are, how they apply to your use of the ThrivExcel platform, and the steps we have taken to comply.

You should review this document in conjunction with our Privacy Policy and contact a specialist legal professional if you require more information or advice.

We reserve the right to change this Privacy Policy from time to time. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified in your account, by placing a prominent notice on our site, and by updating any privacy information on this page. Your continued use of the Site and/or Services available through this Site after such modifications will constitute your (a) acknowledgment of the modified Policy, and (b) your agreement to abide and be bound by that Policy.

IMPORTANT: BY USING THE SITE AND/OR OFFERINGS AVAILABLE ON THIS SITE, YOU GIVE YOUR CONSENT THAT ALL PERSONAL DATA THAT YOU SUBMIT MAY BE PROCESSED BY US IN THE MANNER AND FOR THE PURPOSES DESCRIBED BELOW. IF YOU DO NOT AGREE TO THESE TERMS AND CONDITIONS, DO NOT USE THE SITE.

General Data Protection Regulation (GDPR)

Regulation (EU) 2016/679, more commonly known as the General Data Protection Regulation (GDPR) is an EU regulation aimed at harmonizing data protection and privacy laws across the EU. The provisions of the GDPR apply wherever the personal data of an EU data subject is involved.

The GDPR is focused on giving individuals more control over how their data is used by companies and making the collection and processing of data more transparent.

The GDPR was incorporated directly into UK law following the end of the Brexit transition period, meaning that UK businesses still have to comply with its provisions through the ‘UK GDPR’.

Basic GDPR concepts

Controller and processor

The GDPR imposes various obligations on a person depending on whether they are a controller or a processor of personal data.

A controller is an entity that decides to process personal data and makes decisions regarding the basis of processing and the methods which will be used. Controllers have certain obligations regarding personal data, which you should familiarize yourself with before collecting personal data from your customers.

A processor is an entity that processes data for and on behalf of a controller. They make no independent decisions regarding the data or its processing, as they only process it on behalf of the controller and must comply with all instructions given by the controller.

When you use the ThrivExcel service, you are a controller. You are in control of the data you upload to the ThrivExcel system, what you do with that data, and why. As a result, you are responsible for ensuring that you have a legal basis on which to process the data and that you do not retain the data for any longer than is necessary.

You should ensure that you understand your obligations as a controller, and update your own systems and policies to allow the lawful transfer of personal data to ThrivExcel. ThrivExcel is a data processor. We, through the ThrivExcel platform, store and manage the data you have collected under your instructions. We will never use any personal data which you have uploaded to the ThrivExcel system for our own purposes or without your instruction.

Legal basis for processing

Personal data may only be collected and processed if there is a legal basis for doing so. The allowable legal bases are set out in the GDPR.

As a processor, ThrivExcel relies on our customers to select the correct basis under which they will be collecting and processing personal data, and to put the appropriate notices and consents in place. Before you use the ThrivExcel service, you should take time to identify which legal bases may be available to you, and only collect and retain personal data to the extent necessary to carry out that basis. You should not change the basis under which you have collected personal data without very good reason, so it is important to understand the requirements of the different bases and make sure you select the right one at the start.

Data subject access rights

The GDPR grants data subjects (i.e. your customers) certain rights relating to their personal data, including the right to access, correct, and/or delete any data relating to them.

ThrivExcel has put in place easy systems for you to inform us if you receive such a request from a data subject, and for us to inform you if we receive such a request. We will ensure that, following your instructions, these requests are promptly complied with. You should familiarize yourself with the obligations which will be imposed on you, including relating to any personal data you hold on your own systems, or services other than ThrivExcel.

Transfers of data to the USA

Personal data may not be transferred outside the EEA other than under specific circumstances. We utilize the Standard Contractual Clauses as part of our Data Processing Agreement which we sign with all of our customers.

Data Security

We have put in place strong security safeguards and measures to ensure that any personal data we hold is stored securely. We regularly test our products for bugs and vulnerabilities.

We ensure that we have regular backup systems in place, and ensure that we have data recovery and data integrity systems and processes to minimize the risk of corruption or loss of personal data.

Steps we have taken to ensure GDPR compliance

We take our duties as a processor very seriously. We have put in place a number of procedures and taken a number of steps in order to ensure that we remain compliant with the GDPR and that you are able to lawfully send personal data collected by you to us, for example:

Our data processing agreement utilizes the Standard Contractual Clauses to ensure that you are able to lawfully send personal data to us in the USA.

We are able to detect personal breaches and inform our customers as soon as possible.

We are able to deal with subject access requests and rights of erasure requests, and ensure that we inform you when a data subject has made such a request to us.

We have assessed and documented the personal data processed by us on your behalf.

We have assessed our security and upgraded this where necessary to ensure that it is appropriate for the level of risk we face in relation to a data breach.

Review and sign our Data Processing Agreement

Updated: January 1, 2022

We are the first-ever all-in-one platform that will give you the tools, support, and resources your business needs to succeed.

Tools

FAQ


Privacy Policy


Terms of Service

Copyright © 2022 BizToolKit All rights reserved.

ABOUT BIZTOOLKIT

BizToolKit is a registered company in Canada owned by ThrivExcel Inc. Our Company is on a mission to help businesses grow to the next level by providing them all the best tools, and high-quality services they need to 10X their business.

All elements, Content, and Images are property of BizToolKit and are protected by Copyright (2022) laws.

CONTACT US

1670 Waldeck Street

Burleson, TX, 76028

P(O): +1-901-699-1661

Email: info@biztoolkit.com

This Website is made with ❤️️ and BizToolKit by ThrivExcel Inc.