Here's a practical overview of what - at Batch - is available for you to comply with GDPR.
Legal-side: we've updated our standard contract with GDPR conformity and released our Data Processing Agreement (DPA) which you can find on https://dashboard.batch.com/gdpr as soon as you create an account with Batch here http://batch.com/register
SDK-side: since v1.12 our SDK offers new GDPR-dedicated methods to:
- Delete all locally stored user data for one-many specific user IDs;
- Make sure no data is ever tracked again locally for those IDs;
- Communicate with the server to delete all server-side stored data for those IDs.
- Enable default-opt-out mode: choose to not track any data upon SDK launch for all IDs, then add opt-in rules.
Server-side: we’ve opened a new GDPR-dedicated API and released a new dashboard feature to:
- Request access to all data stored for a specific user ID;
- Request that all or specific data shall be deleted for a specific user ID;
Our API also supports an OpenGDPR endpoint (https://opengdpr.org/).
IDs you/your users may use are either:
- Any Customer user ID (our customer’s IDs = your Company ID);
- Any IDFA/GAID;
- Any Batch Installation ID
Via the dashboard: The API features are also available in a GDPR Manager tool on our operational dashboard via Settings > GDPR.
In all cases, any/all deleted data resulting from manual action or normal devices uninstalls are permanently wiped from our databases under a 30 days max. retention period to make sure we comply with the 60 days max. official GDPR requirement.