GDPR
VPN Hint’s Commitment to Data Protection and Privacy in Compliance with the General Data Protection Regulation (GDPR)
For VPN Hint, data protection and privacy issues are taken very sternly as the commitment to comply with data protection laws occupy a pivotal position. This page is all about a synopsis regarding the Site’s compliance with privacy laws.
The General Data Protection Regulation (GDPR) has come into full effect on May 25, 2018 and has created steady data protection rules. VPN Hint has worked and is continuing to do so for ensuring that data protection and privacy practices strictly abide by GDPR principles, including principles of control, transparency and accountability.
Transparency
The Privacy Document stays the only integration point to explain how customer personal data is processed. This includes extra information about how customer personal data is used at specific times, like when collecting new data for any purpose.
Customer Control
VPN Hint continues to offer customers the authority over how their personal data is processed by, among other things, thereby allowing customers to unsubscribe from communication with us. This is done to update the account and payment information and finally deactivate the account. Also, a process has been put in place that allow customers to exercise their individual rights under GDPR in regards to personal data (or ‘individual rights requests’). In specific, customers can check the data privacy portal of VPN Hint (‘Portal’) and submit a request for: (1) accessing personal data; (2) limiting the processing of personal data; (3) opposing to processing personal data; (4) rectifying personal data; (5) deleting personal data; and (6) portability of personal data (like having certain personal data transferred to a third party in electronic format).
Accountability
VPN Hint takes all responsibility for all the privacy practices. In order to ensure that all the personal data of customers is used as per the GDPR principles, the existing policies and practices are updated timely, then documented about how it complies with GDPR principles. Finally, a Data Protection Officer (DPO) is recruited for expediting the ongoing compliance efforts.
FAQs
Self Service
- How to update the account information?
Customers can put their names on the top right hand side of the screen and then click on ‘Account’ for updating the information, including payment. All alterations in the account must be made via the website.
2. How to unsubscribe from VPN Hint emails?
After signing into the account, customers can put their names on the top right hand side of the screen and then click on ‘Subscriptions’ to update preferences. To unsubscribe from the Site’s emails, clicking on ‘Unsubscribe’ link in the mail received is the only option.How to deactivate VPN Hint account?
3. For deactivation of the Site account, it’s recommended to contact customer support with this request.
4. How to stop VPN Hint from collection of profiling information about customers?
If VPN Hint has been collecting profiling information about customers, opting out of some or all cookies is worthwhile. This includes vital, performance and advertising and social media cookies, by following instructions in the Site’s Cookie Policy.
GDPR/ Individual Rights
- What is personal data?
As per GDPR, ‘personal data’ is inclusive of information that relates to identified or identifiable person. Names, email address falls under the purview of this, like all other crucial information about the individual user contained within the profile.
2. Is any additional information required when individual rights request is submitted via the Portal?
A document that confirms the customer/s identity must be provided, like copy of national ID card, passport or any legally accepted identification form containing name and address, so as to determine if he or she is a present or former VPN Hint customer. In case the identification document provided is insufficient or any extra information is needed to act on the request of the customer, he or she will be contacted through the portal.
3. What is the expected period of waiting to get a response to individual rights request?
A response is usually provided to the request within 30 calendar days after receiving the request and identity verification information. In case of complexities arising out of the request or when multiple requests have been sent, the responding time frame may exceed the normal. However, that will be notified within 30 calendar days about the delay in response, reasons and expected time frame for response.
4. Do special considerations apply when thinking of asking for deletion of all personal data?
For a request to delete all personal data or certain personal data that allow the contact or maintenance of the account with the Site, there will not be any processing of customer service requests related to the account, which includes returns and voucher servicing.
5. How to ensure that a Site merchant updates or deletes personal data contained about any customer or limits the processing of the same?
Marketers will be notified about the same, but the responsibility for acting on it lies on them. If any request related to personal data is processed by any certain merchant of the Site, it is better to contact him/her directly.
6. Who should be asked about data protection and privacy actions?
To start with, reviewing the Statement of privacy is important. Or you can also contact the Privacy Office, for additional queries.
7. There is no individual rights request, but a complaint on how the Site has handled personal data. What to do about that?
The complaint can be reported through the portal or to Privacy Office via email to the Compliance Team. There are few more options like Ethics Hotline, EthicsPoint, and such. This can be done either by telephone using the given number of the exact country or when online via the website of EthicsPoint.