GDPR Compliance

What is the GDPR?

The GDPR is the EU General Data Protection Regulation which will be effective from May 25, 2018. It is a law that regulates how companies protect an individual’s personal data. You can find out more about the GDPR here.

Is FamilyBookform compliant with GDPR?

Absolutely. We take security and privacy extremely seriously, building it into FamilyBookform from the outset. We are fully compliant with the GDPR.

Is FamilyBookform a Data Processor or a Data Controller?

We are the Data Processor for all content added to books such as text, images and audio.

We will be the Data Controller for account information such as the name and profile picture obtained through the Google, Office 365 or other login methods. (This is on the basis that we are the ones who have decided to use these logins as the mechanism to log users in, and it’s information that we use for our own purposes in making sure users can log into and use the website). This is the only information in relation to which we are the Data Controller.

Does FamilyBookform have a contract or data processing agreement for schools?

Yes we do. We provide a Data Processing Addendum to our Terms of Service that sets out how FamilyBookform processes data and meets the requirements of the GDPR.

Where is my data stored?

We store all data in AWS Cloud, which is hosted in Australia and the US. AWS participates in the EU-US Privacy Shield arrangement.

This means that AWS protects your information in every country as it would be protected in the EU. Additionally, AWS Cloud offers world class data security which you can read about at: https://d1.awsstatic.com/whitepapers/aws-security-whitepaper.pdf

More questions?

Please start by reading our Data Processing Addendum which sets out how we meet the GDPR’s requirements.

Should you have any further questions relating to our GDPR compliance, please contact us at office@familybookform.com or alternatively in writing at FamilyBookform Level 3/44 Montgomery Street San Francisco CA 94104.