What is GDPR and How Does it Affect You?

What is GDPR and how does it affect you? By now, you may have heard about a “little, ole” thing called GDPR.  Maybe you’re receiving a barrage of emails from companies telling you about your privacy rights and their privacy policies.  Well, buckle up because here’s another one! All joking aside, it is really important for people to know how companies are using their information. Mostly, GDPR applies to citizens of the EU (European Union), but this is good information for everyone to know. Spammers and hackers are hard at work behind the scenes trying to get their hands on your information and companies can vary widely in how willing they are to “share” your information with others.  As we are all painfully aware, ethics among companies vary wildly and some companies can’t wait to make money by selling your information to anyone willing to buy it and some companies have made it into the news for data breaches or other ways they were unable to keep users’ data secure.  It’s a big problem.

GDPR is an acronym for General Data Protection Regulation.  Like I said earlier, this only applies to EU citizens, but, quite honestly, I wouldn’t be surprised if we see different versions of GDPR implemented worldwide in the near future.  The reason why this seems like a such a big deal now is because this massive regulation takes effect May 25.  That’s tomorrow for those of you playing along at home.

This bill sounds scary to companies which is why you may be seeing bits of panic showing up in your inboxes.  Let’s break it down into its pieces and see what it means for you.

First and foremost, if you live outside of the EU, none of these regulations will apply to you.  However, you will want to stick around because later on, I will offer some helpful suggestions for keeping yourself and your data safe online.  I’ll also tell you what Curriculum Crossroads collects from its users and what it does what that data.  Spoiler Alert:  We don’t collect much and we don’t do much with it.

In a nutshell, GDPR seeks to make companies servicing EU citizens more accountable for how they collect user data and what they do with it.  It levies potentially huge fines for violators of this regulation.  The GDPR gives EU citizens the:

Right to Access

EU users have the right to access their personal data on a company’s website and get information about how that information is being used.  Upon request, a company must an overview of the types of data being collected and processed along with a copy of the user’s actual data.  At this time, the company needs to provide the user information about who that data is shared with and how it got your data in the first place.

Right to Erasure

EU users have the right to request that all of their data be deleted from a company’s website and/or database.

Companies must now obtain a user’s explicit permission to collect data and put you on mailing lists.  Users must be able to clearly understand what information is being requested of them, what it will be used for, how it’s being collected, and how it will be stored, shared, or disposed of.

What is GDPR and How Does it Affect You?

This leads me to the second point of this article.  The most secure information is the information you don’t provide at all.  Just because a company asks for information doesn’t mean you have to provide it to them.  Let’s face it – here in the year 2018, life without the Internet is nearly impossible.  There are entire companies who operate solely online.  They provide valuable products and services that make our lives easier and better. However, we all know there are dark elements lurking around online and, frankly, they’re up to no good. Thankfully, there are several things you can do to keep your information safe when you’re online:

  • Be careful and use discretion about what information you provide online.  If a company doesn’t explicitly require you to put in information like your street address or phone number and there isn’t another compelling reason for them to have that information, don’t enter it in.
  • When making a purchase online or paying a bill, watch for the option that allows the company to store your payment information on their server.  Always, uncheck that option and do not let them store your payment information.  In the event of a hack, your information is ripe for the taking.
  • It’s a good idea to have one credit card only to use online.  That way, if a breech does happen, you know where to look for any inappropriate activity and you don’t have to cancel all your cards because you don’t know which one the hackers got.  Make sure it’s a credit card, too, not a debit card.  Credit cards come with all sorts of protections in the event of a theft so you aren’t liable for purchases made by the thieves.
  • If you are going to use gift cards for purchase in lieu of credit cards, make sure you keep accurate records of what gift cards were used for specific purchases and never throw away the physical cards.  In the event of a refund, you may need the number and other information on the gift card in order to get your money back.
  • It’s always a good idea to use a password vault to keep track of your passwords.  Good online security practices tell us that we should never use the same password on multiple websites.  The real world tells us we have no chance of remembering a different password for each website we use.  This is where a password vault is handy.  You remember one password to log into your vault and it fills the rest in for you when it comes time to log in.
  • Never, ever, ever log into your account on an important website (like Amazon, bill paying sites, your bank, budget trackers, etc.) on a public network (like at a coffee shop or in a hotel).  This is a prime way for hackers and thieves to get sensitive information that would allow them to cause a lot of havoc in your life.
  • When you receive an email from a company, always check to see if it has an unsubscribe link at the top or bottom.  All emails, besides emails related to a transaction or your account with that company, must have a link to unsubscribe. This especially applies to marketing emails.  If you receive any email that does not have an unsubscribe link anywhere on it, be very suspicious.  No reputable company will send you emails you cannot unsubscribe from according to anti-spam laws in the US and EU.

What is GDPR and How Does it Affect You?

Now, onto the third point of this article.  Since we’re on the subject of online safety and security along with keeping your information safe, I thought it would be a good time to discuss what Curriculum Crossroads collects on its customers and what we do with it.  It’s pretty simple really!

What information does Curriculum Crossroads collect?

It kind of depends on what you’re purchasing on our site.  If you’re purchasing downloadable titles only, the only data we collect is:

  • The username you selected when you created an account on Curriculum Crossroads
  • Your name
  • Your email

If you’re enrolling in online classes, we collect:

  • The username you selected when you created an account on Curriculum Crossroads
  • Your name
  • Your email
  • The name of your student(s) so we can provide teachers with a class roster so they know who is in their class(es).
  • The email address(es) of your students so we can get them enrolled in their class pages.

For customers only purchasing a downloadable title or enrolling in an online class, we don’t need to ship you anything so we don’t need your street address or phone number.  We have fields for address and phone number on the checkout form, but you can ignore them.  In fact, we’d appreciate it if you did ignore those fields.  We like to keep as little information on our servers as possible.

If you’ve purchased a physical product, we collect:

  • The username you selected when you created an account on Curriculum Crossroads
  • Your name
  • Your email
  • Your street address (so we can ship your purchase to you)
  • Your phone number (in case there is a problem with your order or shipment)

What if I entered my address or phone number and I didn’t need to?

No problem! We conduct regular audits and erase all unnecessary personal information from our site.

What about payment information?

We conduct all purchases and payments via PayPal.  We do not collect, store, or even run any payment information through our servers.  All that information goes through PayPal, which is trusted worldwide for their security when making payments.  They are the leader when it comes to state-of-the-art online security.

Can I ask what information you have collected on me?

Even though we are based in the United States, we do have customers who live in the EU, but mostly we strongly believe in ethical business and data privacy practices.  If you’re ever curious about what information we have for you, just drop an email to our Customer Support Team at customersupport@curriculumcrossroads.com and they will provide you with a report of what we have.

What if I don’t want you to have my information anymore?

That’s no problem!  Just contact our Customer Support Team at customersupport@curriculumcrossroads.com and they will work with you to get your data deleted off our server.

What about mailing lists?

All of our mailing lists are now GDPR-compliant meaning they are in line with the toughest anti-spam regulations in the world.  We also use a double opt-in feature for all of our email list sign-ups.  This means that you must complete both opt-ins to receive newsletters from that list.  If you sign up and then change your mind, simply let the second opt-in go uncompleted and you will not be subscribed to that email list.  If you are already subscribed to an email and you decide you no longer want to get those emails, simply use the unsubscribe link at the bottom of each email to take yourself off the list.

How is Curriculum Crossroads protecting the information it has about me on its servers?

We use the latest security procedures and plugins.  We also regularly monitor for unusual activity and we have a cybersecurity expert on staff for consultations on the best security practices for our site.

Do you ever share or sell information on your customers?

Nope, never! We will not ever share or sell your information.  Our customers’ trust in us is worth more than anything else.

At Curriculum Crossroads, we are passionate about data security and privacy.  We take all the precautions we can to protect your accounts with us and we love to educate users about their rights online.  We also love to educate our students about how to stay safe online.  If you’re interested in help your student understand how to be safe online, try our free self-paced course on Cybersafety for Kids and Teens.

If you ever have any questions our what data we collect, how we collect it, and how we use it, please refer to our Privacy Policy.

Leave a Reply

Your email address will not be published. Required fields are marked *