RB takes data privacy very seriously, and we view the GDPR as an opportunity to enhance our commitment to data protection for the benefit our customers.

In effect from 25 May 2018, ReputationBuilder will Process Personal Data in accordance with GDPR requirements. https://www.eugdpr.org/.

1. Does GDPR affect me and my business?

If you have customers in the EU, plan to have customers in the EU – then yes.

2. My Business is not not based in the EU – do I need to be GDPR compliant?

Any business that collects, processes or handles data from the EU will need to comply with the GDPR regardless of whether they are physically located within the EU.

This said, we are not able to provide legal advice and highly recommend that you refer to your legal counsel or an applicable data supervisory authority for full details on whether you will need to comply to the GDPR.

3. If RB is GDPR compliant, does this also mean that my business is GDPR compliant because we are a RB client?

All data you collect using RB via Kiosk Mode and Unique Feedback URL is GDPR compliant as of May 25, 2018.

However, we cannot confirm that any customer data collected and processed outside of our platform and prior to importing into RB is GDPR compliant.

In other words: If “you” upload a customer list or add a customer manually we cannot confirm that “you” obtained GDPR compliant customer permission first.

4. Where does RB store and process data?

RB stores data in its secure AWS data centers in the United States (US). 

5. Is this reputation management system also HIPAA complaint?

Yes, ReputationBuilder is also ​HIPAA complaint.  See details here.