
Re: Will Zuora be in compliance with the forthcoming EU General Data Protection Regulation?

Zuora Staff

Will Zuora be in compliance with the forthcoming EU General Data Protection Regulation?

 



Zuora Staff

Re: Will Zuora be in compliance with the forthcoming EU General Data Protection Regulation?

 

Zuora will be GDPR ready by May 2018, which is when it goes into effect.



Newly Enrolled

Re: Will Zuora be in compliance with the forthcoming EU General Data Protection Regulation?

Having read this article: https://www.zuora.com/guides/guide-understanding-gdpr-implications-subscription-businesses/ I am VERY concerned about the section:

"One potential implication is that companies may have to alter their auto-renewal and subscription payment processes.

 

Companies can no longer store a customer’s personal data simply because it may prove useful in the future, or so they can pass it on to another provider. From now on, the responsibility will be on businesses to justify why they’re retaining customer information, otherwise it may have to be erased.

 

Subscription businesses will particularly be impacted by this since they store a variety of data that helps them gain insights into customer behaviour such as usage, profile, etc."

 

You can't just drop that on us and then 'walk-away'. Have you done any more research into this?

 

"so they can pass it on to another provider" suggests they are talking about the CVC, i.e. the 3 digits on the back of a card. If we can't keep that (or a token), how will re-billing be done post-GDPR?

 

Please help. 

Newly Enrolled

Re: Will Zuora be in compliance with the forthcoming EU General Data Protection Regulation?

As the service you provide includes customer data, we’re looking for formal/official communication (detailed enough to provide us with assurance) around GDPR. Do you have documentation that you can share, for example a security guarantee:

 

  • ISO27001 (relevant to your processing of our client data).
  • A copy of the security risk assessment for Zuora
  • Any other official document designed to provide guarantees in relation to security and GDPR compliance

 

It is a serious issue now in the UK / EU. And saying you will be 'GDPR ready by May 2018' does not give me comfort about signing up as a new client (to you).

Honor Student

Re: Will Zuora be in compliance with the forthcoming EU General Data Protection Regulation?

Please let me know whether (as part of being GDPR compliant) ZUORA will allow for:

1. Staff access limitations to client data;

2. Full encryption of client data;

3. Client possibility to delete data.

All these in the self-service client area.

Thank you for your kind support.