Security, Privacy and GDPR FAQs

Yes. Local Reminder and our services are fully compliant with the GDPR as of Aug 1st, 2019.

Yes, from our end. Of course, if your customers are in a location where the GDPR applies, they need to make sure their business operation is compliant with the GDPR in its own right.

When registering for Local Reminder you voluntarily give us information such as your name and email address. You can access and update this information at any time in your personal Account Settings.

In addition, when you use our services, you give us the consent to use the following data:

• • • Email
    • IP address
    • Device ID
    • Name and surname (optional, not processed)
    • Phone number (optional, not processed)
    • Gender (optional, not processed)

The data we collect is required for us to provide you with our services and is used to improve Local Reminder.

Local Reminder is considered a Data Processor which means that Local Reminder controls how your user data is processed and is responsible for the data to be processed within GDPR regulations. Although Local Reminder owns the code, databases, and all rights to the Local Reminder applications, you retain all rights to your data.

When it’s absolutely necessary, we use GDPR-compliant third party services and hosting partners such as Google Firebase, AWS and Google G-Suite. In these cases, we take the necessary safeguards to ensure that we are GDPR compliant when sending and receiving data from the third party.

Check out Local Reminder’s privacy policies for more information.

Yes. When necessary, we use the following GDPR-compliant third party services:

• Amazon Web Services
• Google Analytics
• Google Firebase
• Zendesk
• SendGrid
• Mailgun
• Fabric (Crashlytics)
• Baremetrics
• MailChimp

Yes, we do. We process data in Quebec, CANADA. We only collect as little data as possible, and all data is encrypted using AES 256 encryption.

No, we never sell data.

Upon deleting your account, all your personal data will be removed from our production systems. Only an encrypted copy of your data will remain on our backup archives for 180 days. After this period, all data associated with your account will be deleted permanently.

Yes. We offer a DPA that has been pre-signed on behalf of Local Reminder. It can be completed by filling out your details and signing it. Please contact us for your further needs.

We restrict staff access to personal data to a very small number of employees those who need access for specific reasons to improve Local Reminder.

We regularly test, assess and evaluate the effectiveness of our processes and technology.

We use encryption to safeguard data.

When user data is stored in servers and databases, Local Reminder uses AES 256 encryption. When the data is being sent or received, it is encrypted with TLS 1.1 or above. Data backups on our server are encrypted with AES256 and signed by RSA with 2048 key length.

Additionally, Local Reminder creates automatic backups within the app on a daily basis for our users. We take the necessary safeguards to ensure that these are well protected by maintaining a security system that prevents unauthorized access.

Since GDPR has various requirements, your compliance needs will depend on your precise circumstances. If you have specific questions or needs, please contact the support team.