(What is Required of You as a LimeSpot Client)
As a Data Processor under the GDPR definitions, we may be collecting data on your site to provide our services to you at your direction. We have no visibility to, and therefore no way of managing, certain aspects of the interaction with your Shoppers. These aspects include, notably, obtaining consent and the means of collection (e.g. the interaction with your site).
Solely to the extent that the GDPR is applicable to you, we now require that you:
Obtain informed consent associated with your use of LimeSpot products with your e-Commerce platform;
Provide your Shoppers with our email firstname.lastname@example.org, should they wish to have their personal information removed from our service.
LimeSpot has a Data Protection Officer (“DPO”) to respond to certain requests. On matters of data protection our policy is to practise extreme caution for the benefit of both of us, as well as for the benefit of your Shoppers. While we believe that the Privacy Tool will pre-empt most communications to the DPO, our DPO will nevertheless be made available for LimeSpot-related inquiries that you may not otherwise be in a position to handle. That said, please remember that most Shoppers will be unaware of LimeSpot’s involvement. You will therefore be, by default and necessity, a Shopper’s first point of contact regarding data protection and so will be considered the representative responsible with respect to the requirements of the GDPR. The LimeSpot DPO can be reached at email@example.com.
LimeSpot’s technical infrastructure relies on data centers and cloud service providers that are located outside Europe on Microsoft’s Azure platform. Microsoft was proud to become the first global cloud service provider to appear on the US Department of Commerce’s list of Privacy Shield certified entities as of August 12th 2016. The European Commission adopted the EU-US Privacy Shield Framework on July 12th 2016, replacing the International Safe Harbor Privacy Principles as the mechanism for allowing companies in the EU and the US to transfer personal data across the Atlantic in a manner compliant with the EU data protection requirements as stated on PrivacyShield.gov
You can find our Data Processing Agreement at any time at https://www.limespot.com/dpa
This document has been created to help you comply with the GDPR in regards to your use of the LimeSpot services. We have created a Requirements Overview document about the GDPR that might help you have a better understanding about your responsibilities in general.