Over the last 2 weeks, we've done a few changes in light of GDPR coming into effect tomorrow the 25th of May.
Changes that help you with your compliance:
- Do Not Store Personal Metadata is a new option made to sit along the existing Do Not Store Files. When turned on we delete all personal metadata related to a recording as soon as we're done processing that recording.
- a new Data Processing Addendum to govern our relationship
Changes that touch on our GDPR compliance:
- Security: the account password is needed when canceling a subscription or deleting an account
- Security: we now collect the sign-up/sign-in IP and user agent. We store this information for up to 1 year after the trial account has expired or the account has been deleted.
- Updated copy around account deletion and subscription canceling to make it more clear what happens when you cancel your subscription or delete your account.
- We've switched our sign up form to add emails to our e-mail list based on explicit consent. We used to rely on legitimate interest and soft opt-in.
- We've stopped collecting personal data from our reseller, Paddle, so we're not showing the email to which the invoices will be sent. The invoices are linked directly from your account area though.
- Changes in the way our website uses non-essential cookies