mySugr receives tons of data from monster tamers like you around the globe. With the help of this information, you give us the privilege of empowering you in your everyday therapy decisions. (Read more about this in our blog post “What has my data done for me lately?”).
The data you give us also contains sensitive health data and personal information, and by handling this kind of data our company has to make sure that your data is secured in every possible way. That has always been the case, right from the start. Therefore, we are glad to embrace this new high standard of data protection.
We put our monster tamers in charge
But how is the GDPR helping YOU to protect your data? For you, as a mySugr user, the GDPR guarantees several personal data rights, which we will now walk through step by step.
No processing without consent
Protecting your data and putting you in charge of deciding what can and can’t be done with is our number one priority here at mySugr. You are in command of your data and you decide what it should be used for. Of course, it would be valuable for us and the whole community if you allow us to work with your data to improve mySugr.
We’d also love your consent to ask questions, keep you updated with valuable information, and share occasional tips & tricks to make diabetes suck less. If you’re a registered mySugr user, keep an eye on your inbox in the coming days for these requests.
Right to be forgotten
You know the old saying “The Internet never forgets anything!”? Well, with the GDPR it has to. The GDPR, by law, regulates that all data which are no longer necessary for the original purpose must be deleted. You can also just request a deletion of your data without giving reasons and your data has to be deleted right away.
Right to restriction of processing
At your request, we have to stop processing your data. That means that all your data is still stored, but we are not allowed to do anything with it. This would also mean it is impossible for us to further help you taming your diabetes monster. (we would be very sad…)
Right of access
“What data does mySugr have from me?” Interesting question. Of course we know exactly what data we are working with and we would be glad to share it with you. Furthermore, we’re happy to tell you what happens with it and who we team up with to manage it (more information on tools we use can be found below).
Right of rectification
We want to make sure that all our monster tamers’ information is up-to-date. So if you think that your personal data is not complete or inaccurate you can contact us right away to ask for corrections.
Right of portability
At your request, we will provide you your personal data in a CSV file. We will do our best to provide you all the information as fast as possible.
What we do to be GDPR compliant
Keeping your data safe is our number one priority! Here’s a whole blog post on that topic.
To help us safely handle all the data, we need qualified support from external companies. And we are very picky when it comes to the tools we choose to work with. They have to follow the same high standards on personal data protection and be GDPR compliant. We have reviewed their processes and signed specific contracts with every single one of them. In short, they help us handle the data, but in the end, we tell them what to do with it because we are acting on your behalf.
We recently audited all possible data flows at mySugr to know where the data is processed and who has access to it at any time. We always know what happens with your data and make sure that it is handled safely and responsibly.
As we finalize GDPR preparations, we are training all mySugr employees to ensure everyone knows what’s expected of them and how to do their part.