New Data Protection Regulations come into force on the 25 May 2018. Known as the General Data Protection Regulation (GDPR), they significantly increase data protection obligations and the rights of individuals. Our privacy policies have been updated to comply with the GDPR and can be viewed here and here. They explain how we lawfully use personal data we hold and explain the rights of our customers and users.
Regarding data security, all databases are encrypted, including the local database used by Golden Records. Backups are encrypted, as are the data files used by Golden Arrow. Connections to the cloud server are also encrypted. Website connections are now SSL only, and weak protocols are disabled.
GDPR also places on data controllers an obligation to not keep data when it is no longer needed and to obtain explicit consent to the processing of that data. We do not share your data with anybody else. When you send us data to investigate a problem or for help, we will destroy that data when it is no longer needed. Cloud users will have noticed that when they log in to the cloud, they are being prompted to give explicit consent for data storage. New users now have to give consent as part of account activation.