SOCIFI presents General Data Protection Regulation Guidelines

On May 25, 2018, the General Data Protection Regulation (GDPR) will come into force, impacting how businesses collect and process data from individuals.

If you are our EU customer or planning to be, this guideline is for you. Please thoroughly read this document as EU GDPR regulation will change the way you can manage user’s data.

We have improved our Data Privacy to more than satisfy the new EU GDPR that will come into effect on May, 25th 2018.

1. SOCIFI GDPR Compliance

According to the new requirements we had to make changes in our Term & Conditions (T&C) & Privacy Policy (P&P)

You will find T&C Editor in your SOCIFI Dashboard under the settings tab.

Depending on your business model and the legitimate interest to collect End user’s personal data you can switch the slider on to show up a Screen with user consent. The WiFi user has to agree by clicking on the consent (“call-to-action”) required for the Free WiFi service.

Detailed information about Privacy policy news:

You can find each stage of Captive business model steps to be clarified from Personal Data processing view:

  • Roaming — Automated record of End-users’ basic data
  • Sessions log — Visitors’ data in every pass through the Captive portal. Ready for potential export
  • Survey report — End users’ response to Survey type of advertising/communication
  • Profile of visitor — Supports identification, autocomplete and better advertising targeting
  • SMS Verification — To be assured the number of a mobile device belongs to End-user
  • RADIUS — Authentication and authorization service
  • PayThru — Transaction log of payment for Paythru service

Our recommendation is to assure the End-users they have more control over their information now than ever. You can prepare a little note for this. The complete list of collected information with full description is also a chapter of updated Term & Conditions for Privacy Policy of SOCIFI Solution.

2. User´s rights and communication

User´s rights are extremely crucial part of the whole process. Be sure they included your Privacy Policy accesses from the website. Feel free to be inspired by ours.

Fundamental End-users rights go as:

  • The right to access.
  • The right to rectification.
  • The previously mentioned right to erasure or the right to be forgotten.
  • The right to the restriction of processing.
  • The right to be informed.
  • The right to data portability.
  • The right to object.
  • The right not to be subject to a decision based solely on automated processing.

We provide a full range of internal audit on how to collect all of the storage data and processing information related to personal data. Then we are able to improve internal methodologies and access right to make them safe and become ready to clear/delete or anonymize the personal data of an End-user.

3. Cookie policy

Regarding the new requirements about cookies, we are happy to announce that we are ready in this part too. Even our approach is different and much simpler than for common e-commerce business model, we are constantly updating our cookies policy and providing a list with descriptions about all collected data no matter where we are collecting them from including but not limited to the frontend, browser, main website or administration access.

4. Internal audits and Personal data access regulations

As we mentioned before, we do have strict internal audit policy, that helps us to learn more and next share this knowledge. In the case of Personal Data Security, we would love to mention that our focus was not only on the End-users data but also our B2B partners, clients, and employees. We started with a complex overview of access rights and storages. Made a list of suggestions and improvements and finally come up with conclusions. Thanks to the methodology we are prepared to proceed with regular control of access rights and more automated services to keeping a personal data retention with a high standard of security.

The changes are much more than those listed above but we didn’t want to bother you with so many details if they are not that necessary. Anyway, we ready to help you with the whole process of implementations GDPR changes.

Feel free to use this email, privacy{a}, to post any kind of question.

Originally published at on May 23, 2018.