GDPR - Right to be forgotten

Hi there!

My company is using self-hosted community edition, and very happy with it. We were especially glad to read that Countly would be GDPR-compliant by May, 2018.

Is there any official documentation with information we need as a European organization? Among others, that includes:

  • which data is transmitted
  • which data is stored
  • which data is transformed and discarded (the article mentions the IP address)
  • the process to apply the right to be forgotten (the article mentions it is possible, but I couldn't find anything in the UI)

Regards,
Antoine.

0

Comments

3 comments
  • Scratch that, support just told me this was only available to Enterprise Edition.

    Let me turn that question around: does anyone has any idea how to delete data pertaiening to a single user?

    0
    Comment actions Permalink
  • Hello,
    main difference between Community and Enterprise versions is data granularity.
    As enterprise version records what exactly every user did, we can also easily delete this information.
    For community edition, we can't delete most of the data, because we don't store which user had session in which country or on which device, etc. Those are just anonymous statistics.
    We, however, will be providing a method to delete whatever we store as identifiable information for community edition too, so both editions: community and enterprise would be GDPR compliant

    0
    Comment actions Permalink
  • Do you plan on listing exactly which information is transmitted from the user to the server so we can include those in our user consent form?

    We have a list here that you can check:

    Note that if you are using Countly Community Edition and provide it as a service to your customers / users / etc - anyone outside of your organization, you are kindly required to purchase Enterprise Edition as per our license agreement.

    0
    Comment actions Permalink

Please sign in to leave a comment.