GDPR Compliance
The General Data Protection Regulation (GDPR) is a regulation in EU law regarding data protection and privacy for European Union citizens. It states that brands in control of personal data,must be able to honor, within one month, requests for access, portability, rectification and erasure.
With regard to user attribution, since it is impossible to know in advance which users are European citizens, GDPR applies to all users, European or not.
GDPR Entities
| Data Subject | The end-user of the application for which the data is being collected. |
|---|---|
| Data Controller | The advertiser determines the purpose and means by which the personal data is processed. |
| Data Processor | AppVirality process personal data on behalf of the data controller |
GDPR Requirements
GDPR details the mandatory rights of the data subject.
| Rights | GDPR Definition | How AppVirality helps the Controller |
|---|---|---|
| Right of Access | 1.If requested, data subjects have the right to know if, why, and for how long the data controller will be processing their data. 2.If data is shared with third parties (like AppVirality), data subjects have the right to know who those third parties are. 3.The right to know what categories of data are being processed. 4.If there is automated processing, that has a significant effect on them. |
Data controllers at any point of time can access the status of the erasure request using API to get request status and report the same. |
| Right to Data Portability | The Data Subject needs to receive all of their personal data in a structured, commonly used and machine-readable format – such as a CSV file. | Get User Details API help the Data controller to read the personal data of the Data Subjects which in turn can be sent back on receiving portability request. |
| Right to Rectification | Allows Data Subjects to correct their data if they see it is inaccurate or untruthful. Data controllers then have to erase or fix inaccurate or incomplete data. | Data controller can submit ‘rectification’ request using Update user details API. AppVirality updates the data subject's past data with the new data. |
| Right of Erasure | The right of erasure forces data controllers to remove the personal data within one month. | Data controllers can delete the collected personal data of data subjects with an ‘erasure’ request. |
GDPR Requests API
AppVirality supports the above requirements via its GDPR Requests API
All requests to the Appvirality API must be authenticated via HTTP Basic Auth.
Authentication
To authenticate, you provide your API key as the username and your Private key as the password.
API Key – Get it from Dashboard >> App Details
Private Key – Get it from: Dashboard >> App Details >> Click App Settings >> Scroll down to Advanced Settings