Under the GDPR, we must notify any data breach to the ICO within 72 hours of discovering the breach.
In the event of a breach we would provide the controller with:
- A description of the nature of the breach
- Contact details of the responsible person within the company
- Likely consequences of the breach
- Proposed and imposed measures that were taken to limit harmful effects
We would stress again that we have comprehensive technical and organisational security measures in place to mitigate against a data breach.
Our system fully adheres to Article 20 of GDPR “Right to data portability”. Users can export all personal data as well as all data they have generated in the system (such as posts, connected social media accounts and so on).
Export is accessed via: https://app.chooseholly.com/settings#/data-export (replace the Holly Social URL with your own whitelabel URL).
Our system fully adheres to Article 17 of GDPR “Right to erasure (‘right to be forgotten’)”. Users can delete their account and all associated data (as seen under “Data portability) will also be removed.
In the case where a user was invited to a team, any team content they have created (such as social media posts) will have its ownership transferred to the Team Owner and all data connections that linked to the User will be removed. If the User is also the Team Owner, then all Team Data will be removed.