GDPR Compliance

The General Data Protection Regulation (GDPR), EU 2016/679, is a significant piece of legislation that originated in the European Union and has had a global impact. When it was first introduced, many businesses were concerned about compliance. Some people see the GDPR as overly restrictive, while others appreciate the efforts made by lawmakers to protect digital privacy.

At Proxima Analytics, we have been working with GDPR compliance since the inception of our business. While it does require a lot of effort to ensure compliance, we believe it is a fair and necessary regulation. The GDPR allows for flexibility in how businesses operate while still prioritising the protection of personal data.

Is Proxima Analytics GDPR Compliant?

Proxima Analytics is fully compliant with the GDPR and takes every necessary measure to ensure the protection of personal data for both our customers and their website visitors. We have a dedicated EEA-based privacy officer who stays up to date with all the latest changes in regulations and we invest heavily in compliance.

We deal with personal data in two capacities: as the controller of our customers' data, and as the processor of our customers' website visitors' data.

To ensure GDPR compliance, we:

1. Prioritise the intention of the GDPR, which is to protect the privacy of EU citizens. We consider the potential risks to website visitors in everything we do.
2. Practice data minimisation by collecting as little personal data as possible to reduce risks to data subjects. Additionally, we do not store any data linked back to individuals or entities.
3. Have a legal basis for the processing we do and regularly conduct privacy risk assessments to identify any potential changes that need to be made.
4. Encourage our customers to complete a Legitimate Interest Assessment, which can be easily prepared using the information provided on our website.

How Does Proxima Analytics Handle Personal Data under GDPR?

Proxima Analytics processes personal data, including IP addresses and User-Agents, on behalf of our customers while maintaining the privacy of website visitors. For an overview of how we maintain compliance with GDPR, refer to our Data Journey page for a complete description of the process. Here is a summary of our approach:

• We process personal data (such as IP Address and User-Agent) on behalf of our customers. However, we do not store any raw data in our systems.
• We keep pseudonymous data for approximately 24 hours. This data is used to encrypt and identify individual visitors on websites. However, we cannot decrypt, link, or connect users across visits.
• Even if someone gains access to our systems, they will not be able to identify specific users. Our processes ensure that personal data remains anonymous and secure.

Is Proxima Analytics Schrems II compliant?

Proxima Analytics has been designed with privacy as a top priority, ensuring that we are able to provide aggregated data without sacrificing privacy. Following the introduction of Schrems II, which implemented new regulations for data transfers between the EU and third countries, Proxima Analytics has made sure to fully comply with these rules. To learn more about our compliance with Schrems II, please visit our dedicated page on the topic.