CodeBerry GDPR Data Protection Impact Assessment (DPIA)
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

 
View only
 
 
ABCDEFG
1
CategoryFieldReason for having itLegal basis for storageThird-parties it's shared withHow is it protected from breachesWhat else is it used for
2
User identificationFirst and last nameto identify and address the useruser consentPayPal / Paymentwall (if used)Using SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.-
3
User identificationFacebook / Google / Slack OAuth tokens, ids, names and email addressesto identify the useruser consentFacebook / Google / Slack (if used)Using SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.-
4
User identificationEmail address and password SHA512 hashto identify the useruser consent-SHA512 hashing. Also, using SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.-
5
LocaleCountry and preferred languagefor localizationlegitimate interests of the companyIntercomUsing SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.statistics made from anonymous data
6
PermissionsUser's feature access and admin permissionsessential to provide our servicelegitimate interests of the company-Using SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.-
7
PermissionsEmailing permissionsessential to provide our service and have a good user experiencelegitimate interests of the companyIntercomUsing SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.-
8
PermissionsPolicy consent info for different policieslegal obligation to GDPRlegitimate interests of the company-Using SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.-
9
PermissionsUser data deletion request historyessential to comply with both GDPR and Hungarian lawlegal obligationIntercomUsing SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.We have a legal obligation to retain non-anonymized transaction+invoicing history for 10 years according to Hungarian law. All other data is deleted upon user request or inactivity of 26 months.
10
Learning activityAssignment submissions, points and badges, activity on the websiteessential to provide our service and have a good user experiencelegitimate interests of the company-Using SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.statistics made from anonymous data
11
Traffic source dataUTM source, medium, term, content and campaignto understand where users find CodeBerrylegitimate interests of the companyGoogle Analytics, IntercomUsing SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.statistics made from anonymous data
12
Traffic source dataCoupon code, referrer codeto understand where users find CodeBerry, for cross-marketing agreements, and to provide a customized service to users arriving from partnerslegitimate interests of the companyIntercomUsing SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.statistics made from anonymous data
13
SubscriptionsSubscription period counts (active, refunded, discounted)legal obligation to Hungarian governmentlegal obligationPayPal / Paymentwall (if used)Using SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.statistics made from anonymous data
14
SubscriptionsCurrent and past plan details (type, name, gross amount, currency, period)legal obligation to Hungarian governmentlegal obligationPayPal / Paymentwall (if used)Using SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.statistics made from anonymous data
15
SubscriptionsTransaction details (type, amount, currency, invoice language, invoice identifier number, request and fulfillment date/time)legal obligation to Hungarian governmentlegal obligationPayPal / Paymentwall (if used)Using SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.-
16
SubscriptionsTransaction handler (Braintree / PayPal, paymentwall) name, merchant ID, plan ID, subscription ID, token ID, customer ID), reference IDlegal obligation to Hungarian governmentlegal obligationPayPal / Paymentwall (if used)Using SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.-
17
SubscriptionsInvoiced person or company name, postal code, street address, city, country, company tax number, EU VAT compliancelegal obligation to Hungarian governmentlegal obligationPayPal / Paymentwall (if used)Using SSL/TLS (HTTPS) on web, SHA256 keys and bastion architecture for server SSH access, database password securely stored with a 256-bit AES keys, two-step authentication for database backup access.-
Loading...
Main menu