Data Protection at TeamUp — How We’re Preparing for the GDPR

The responsibility we have to businesses and customers that use TeamUp is not one we take lightly. We have always made security, privacy, and transparency top priorities as we’ve built TeamUp over the past 6 years. On May 25th, the General Data Protection Regulation (GDPR) will come into effect across Europe and we’re excited to use this as an opportunity to review our data handling policies.

Though TeamUp acts as a platform for fitness businesses to interact with their customers, we are responsible for all data passing through our system. We will ensure the principles of the GDPR (transparency, purpose limitation, data minimization, accuracy, storage limitation, confidentiality, and accountability — see below) are upheld throughout our product and company.

What we’re doing

As a company that handles the personal data of many European citizens, we are committed to fully complying with the GDPR. Here are some of the steps we’re taking:

• Mapping how all data passes through our system
• Updating our Privacy Policy and Terms of Service to improve clarity around personal data
• Making changes to our product to ensure compliance with GDPR, including improved messaging around how personal data will be used and shared
• Training our staff about TeamUp’s data handling policies as well as the GDPR in general

Your responsibility as a business

As a business using TeamUp, compliance with the GDPR is simplified but not eliminated. You should educate yourself about the GDPR and ensure its principles are being followed in all aspects of your business. The European Commission has a great website to help small businesses understand and ensure compliance with the GDPR. For example, any data you collect directly from customers or download from TeamUp must comply with the GDPR. Here’s a quick run-through of what the principles mean:

• Transparency — customers should clearly understand what their personal data will be used for and understand how to revoke consent
• Purpose Limitation — personal data must only be used for what it was originally intended
• Data Minimization — personal data should only be collected if absolutely necessary
• Accuracy — personal data will be kept up to date as best as possible
• Storage Limitation — personal data will only be stored for as long as necessary to satisfy the original purpose
• Confidentiality — personal data will be protected against unauthorized access
• Accountability — compliance with the GDPR can be demonstrated within your business

Looking forward

In the months and years ahead we will continue to develop TeamUp with data privacy as one of our top priorities. We strive to always be improving our processes and product to protect and serve our customers. If you have any questions, concerns, or suggestions, please get in touch.