At Hush, we make personal data protection our priority every day, and most of our company policies are already in line with the GDPR. The changes you will see in the spring at Hush will be minor, and for the most part, simply make more visible the courtesies we currently provide our customers.
Under the GDPR, businesses must acquire clear consent from individuals to use their data for specific purposes that are spelled out in detail. With that in mind, we are expanding the consent form that customers fill out when they sign up for a Hushmail account. It will require customers to actively consent to specific uses of their data. Hushmail customers will also be able to easily withdraw their consent at any time with a separate, easy-to-fill-out webform.
Continuing rigorous protections
Securing data is an ongoing process and we will continue to provide the same rigorous protections Hushmail customers are used to. Hush has always been diligent about securely storing and not sharing customers’ personal data, and we adhere to a policy of full transparency in case of a data breach, similar to the rules set forth by the GDPR. That policy requires immediate notification, a clear description of the breach, and a recommendation of what the individual can do to protect themselves from harm related to the breach.
Providing an easy exit
The GDPR gives individuals comprehensive rights to access, correct, port, erase, and object to the processing and storage of their data. If a customer decides to leave Hushmail, under the GDPR they will have the right to have their personal data fully erased from Hushmail databases. In compliance with the GDPR, we will make it quick and easy for customers to make this request.
Although the GDPR will only directly affect our EU customers, the rules support what has always been our closest held value, the right to private communication. All Hushmail customers, not just those in the EU, can expect to benefit from the changes mentioned above.
The rules of the GDPR are the most comprehensive guidelines for personal data protection set forth by any governing body, and we expect that they will greatly add to the ongoing conversation about privacy. This is a conversation Hush firmly supports, as the GDPR inspires the growth of privacy rights around the globe.