At Tangent.ai, we take privacy seriously and have made great efforts to protect the privacy of anyone who interacts with our services, both directly and indirectly.
In this article, we’ll describe how Tangent.ai complies with the General Data Protection Regulation (GDPR) to protect the rights of all Data Subjects.
GDPR is the privacy and security law drafted and passed by the European Union (EU) and implemented into UK law by the Data Protection Act 2018. It imposes obligations onto organizations anywhere, so long as they target or collect data related to people located in the EU (for EU-GDPR) and the UK for the UK implementation of GDPR via the Data Protection Act 2018 (“UK-GDPR”). When we refer to “GDPR” we mean both the EU GDPR and UK-GDPR and when we refer to “Europe” we mean the EU and UK.
Merchants (store owners) are the data controllers for GDPR.
In terms of personal data received from Merchants, via eCommerce platforms, Tangent.ai is a data processor.
We will process the personal data of your buyers/customers on behalf of the Merchant, the data controller.
As a data processor, we will help you, the Merchant to fulfill the Data Subject Rights, and in particular, we will:
We are referring to users of your store as customers. In a few cases, we will also process data you have provided to us that is not from (potential) customers.
When receiving personal information, directly from a merchant of an eCommerce store, an influencer, or a customer, they create an account using our services and otherwise interact directly with our website, Tangent.ai is the Data Controller.
Tangent.ai aims to take reasonable steps to allow the data subject the right to correct, amend, delete, or limit the use of your Personal Data, and in certain circumstances, as a data subject, you have the right to:
The right to data portability for the information you provide to Tangent.ai. You can request to obtain a copy of your Personal Data in a commonly used electronic format so that you can manage and move it.
As a data processor, we provide you with a Data Processing Addendum (DPA) that serves as a record of Tangent.ai’s processing activities.
Similarly, Tangent.ai has signed DPAs (and in some cases, Standard Contractual Clauses) with some sub-processors authorized by us to further process your personal data.
We currently authorize some third-party sub-processors to process your data depending on which functions you enable with the Tangent.ai quiz. The most common sub-processors and their services include:
You can find an extensive list of Tangent.ai’s subprocessors here.
If you integrate Tangent.ai with other apps, the personal data of you and your customers will be processed by these apps.
We are running on Microsoft Azure Cloud Computing Services. Microsoft conducts recurring assessments to ensure compliance with industry standards. In particular, their data center operations have been accredited under:
