Our Commitment to Data Protection

Here at WebSpellChecker, we are committed to compliance with the General Data Protection Regulation (GDPR), a new EU data privacy regulation that will go into effect May 25, 2018. The regulation is designed to give EU citizens more control over their data and to unify a number of existing privacy and security laws under one comprehensive law.

Our customers can have confidence that we have made GDPR a priority and has devoted significant resources toward our efforts to comply with GDPR. We have closely analyzed the requirements of the GDPR and are working to make enhancements to our products, contracts, and documentation to help support WebSpellChecker’s and our customers’ compliance with the GDPR. 

The GDPR applies to all companies that do business with EU citizens or process data of EU citizens regardless of the location of the company that is processing such data. To that end, the GDPR applies to WebSpellChecker.

We will keep you informed through our website about our compliance with the GDPR requirements, however, should you have any questions or concerns, please do not hesitate to contact our legal department at privacy@webspellchecker.net.

What We’re Doing?

We strive for transparency with our customers and partners. In that spirit, we want to share some examples of what we have in place to prepare for the GDPR and how customers can partner with us to support their GDPR compliance initiatives:

  • Data Processing Addendum. We're offering our customers a GDPR-compliant Data Processing Addendum (“DPA”) to the Terms of Service, as well as Standard Contractual Clauses governing the processing of EU personal data. If the GDPR applies to your company and you don’t already have a DPA in place with us, please go to the DPA page download the DPA. Follow the instructions provided to sign and return it to us.
  • Privacy Policy. We have updated our Privacy Policy that goes into effect on May 25, 2018. It provides transparency with respect to our data collection and handling practices. 
  • Cookies Policy. We’ve added a new Cookies Policy to make it easier to review alongside our use of cookies and other technologies.
  • Security Measures. We’ve implemented a number of technical and organizational safeguards designed to protect the security and integrity of your data. 
  • Data Security Officer. We’ve appointed a Data Protection Officer (DPO) to oversee our privacy and data protection compliance. Get in touch directly at privacy@webspellchecker.net.
  • Lawful Basis for Data Collection and Processing. We collect and process personal data only to the extent we have a lawful basis for doing so. Personal data of our customers and their authorized users of WebSpellChecker’s proofreading services is processed in order to provide such services pursuant to the Terms of Service and in accordance with the Privacy Policy and DPA. We obtain consent before collecting personal data for any other reason and gives data subjects the opportunity to withdraw consent at any time.
  • Subprocessors. We’re working with all relevant 3rd party vendors and subprocessors to make sure they’re GDPR-ready and that we have signed DPAs. You may find the full list of our subprocessors as well as purposes of subprocessing and subprocessors locations on the WebSpellChecker Subprocessors page.
  • Training. We ensure our staff that access and process your personal data have been trained in handling that data and are bound to maintain the confidentiality and security of that data.
  • Privacy by Design. For every new product and enhancement, we will be proactively applying the data protection by design principles.

What You Need to Do?

  • If the GDPR applies to your company and you don’t already have a DPA in place with us, please download the DPA and follow the instructions provided to sign and return it to us.
  • You should also review your Terms of Service, Privacy Policy and Cookies Policy to understand our practices and commitments regarding data privacy and to confirm that they’re consistent with how you’re using our services to collect, process and use customer data.

Stay Updated

We will keep you informed through our website about our compliance with the GDPR requirements, however, should you have any questions or concerns, please do not hesitate to contact us at privacy@webspellchecker.net.



GDPR FAQs

What is GDPR?

The General Data Protection Regulation (GDPR) is a new European privacy law due to become enforceable on May 25, 2018. The GDPR will replace the EU Data Protection Directive, also known as Directive 95/46/EC, and is intended to harmonize data protection laws throughout the European Union (EU) by applying a single data protection law that is binding throughout each member state.

What does the GDPR regulate?

The GDPR regulates the data processing for all EU individuals including collection, transfer, use, and storage. All organization that processes personal data of EU individuals is within the scope of the law. Moreover, it is not essential whether the organization has physical offices in the EU or not. Importantly, under the GDPR, the concept of “personal data” covers any information relating to an identified or identifiable individual (“data subject”).

Who does the GDPR apply to?

The GDPR applies to all organizations established in the EU and to organizations, whether or not established in the EU, that process the personal data of EU data subjects in connection with either the offering of goods or services to data subjects in the EU or the monitoring of behavior that takes place within the EU. Personal data is any information relating to an identified or identifiable natural person. 

What are the Model Clauses?

The Standard Contractual Clauses (also known as "model clauses") are a set of standard provisions defined and approved by the European Commission that can be used to enable personal data to be transferred in a compliant way by a data controller to a data processor outside the European Economic Area (EEA).

Is WebSpellChecker GDPR-compliant?

Yes, WebSpellChecker is GDPR-compliant. For more details, see our GDPR services readiness and commitment announcement on the WebSpellChecker's GDPR Commitment page.

What has WebSpellChecker been doing in preparation for the GDPR?

We believe that the GDPR is a significant step forward in data privacy and support the GDPR’s emphasis on strong data privacy protections and security principles. We are committed to ensuring that we are GDPR-compliant when the law becomes enforceable on May 25, 2018 and is dedicated to helping our customers become GDPR compliant.

Here are some steps that we have already performed towards being GDPR-ready:

  • We're offering our customers a GDPR-compliant Data Processing Addendum (DPA) to the Terms of Service, as well as Standard Contractual Clauses governing the processing of EU personal data.
  • We have updated our Privacy Policy that goes into effect on May 25, 2018. It provides transparency with respect to our data collection and handling practices.
  • We’ve added a new Cookies Policy to make it easier to review alongside our use of cookies and other technologies.
  • We’ve implemented a number of technical and organizational safeguards designed to protect the security and integrity of your data.
  • We’ve appointed a Data Protection Officer (DPO) to oversee our privacy and data protection compliance. Get in touch directly at privacy@webspellchecker.net.
  • Personal data of our customers and their authorized users of WebSpellChecker’s proofreading services is processed in order to provide such services pursuant to the Terms of Service and in accordance with the Privacy Policy and DPA. We obtain consent before collecting personal data for any other reason and gives data subjects the opportunity to withdraw consent at any time.
  • We’re working with all relevant 3rd party vendors and subprocessors to make sure they’re GDPR-ready and that we have signed DPAs. You may find the full list of our subprocessors as well as purposes of subprocessing and subprocessors locations on the WebSpellChecker Subprocessors page.
  • We ensure our staff that access and process your personal data have been trained in handling that data and are bound to maintain the confidentiality and security of that data.
  • For every new product and enhancement, we will be proactively applying the data protection by design principles.

Does WebSpellChecker offer a Data Processing Addendum (DPA)?

Yes. We offer our customers a GDPR-compliant Data Processing Addendum (DPA) to the Terms of Service, as well as Standard Contractual Clauses governing the processing of EU personal data. Our DPA outlines the privacy and security protections we have in place. We are committed to GDPR compliance and to helping our customers comply with the GDPR when they use our services.

If the GDPR applies to your company and you don’t already have a DPA in place with us, please go to the DPA page download the DPA. Follow the instructions provided to sign and return it to us.

Does the WebSpellChecker Data Processing Addendum (DPA) contain the Model Clauses?

Yes, our DPA contains the Model Clauses. It gives us a legal basis for personal data to be transferred in a compliant outside the European Economic Area (EEA).

Can I make changes to the WebSpellChecker DPA?

The WebSpellChecker DPA is an extension of our Terms of Service and reflects our compliance with GDPR requirements (including those specifically set forth under Article 28) as applicable to our Services. Just as with our Terms of Service, we're unable to make any changes to our DPA on a customer-by-customer basis.

Am I required to sign the WebSpellChecker DPA?

In order to use our products and services, you need to accept our DPA. By agreeing to our Terms of Service, you are automatically accepting our DPA and do not need to sign a separate document.

Whom I should contact if I have questions regarding WSC and GDPR?

If you have any questions about security, reliability, privacy, and GDPR please reach us at privacy@webspellchecker.net.

Does WebSpellChecker have a notification process in place in the event of a data breach?

We will inform you promptly in the event we learn of any unauthorized access, disclosure, or destruction of your customer data per the terms of your agreement with us.

Has WebSpellChecker appointed a Data Protection Officer?

Yes. We’ve appointed a Data Protection Officer (DPO) to oversee our privacy and data protection compliance. Get in touch directly at privacy@webspellchecker.net.

Does WebSpellChecker use subprocessors to further process customer data?

WebSpellChecker uses 3rd party subprocessors to provide infrastructure services and to help us provide customer support and email notifications. You may find the full list of 3rd party subprocessors engaged by us on the WebSpellChecker Subprocessors page. 

What is WebSpellChecker’s role under GDPR?

We act as both a data processor and a data controller under the GDPR.

  • WebSpellChecker as a data processor. When customers use our products and services to process EU personal data, we act as a data processor. For example, we will be a processor of EU personal data and information that are sent for proofreading via our services. This means we will, in addition to complying with our customers' instructions, need to comply with the new legal obligations that apply directly to processors under the GDPR.
  • WebSpellChecker as a data controller. We act as a data controller for the EU personal data we collect to provide our products and services and to provide timely customer support. This customer information includes things such as customer name and contact information.

Where does WebSpellChecker store and process my data?

WebSpellChecker stores and processes data in its AWS data centers located in the U.S.

As WebSpellChecker performs processing inside the United States (as we are using AWS data centers located in the United States), use of our service may involve exporting your Personal Data outside of the European Economic Area (EEA). In such a case, you should consider using our new Data Processing Agreement (DPA). This agreement contractually gives your personal data the same protections as if the data was being processed inside of the EEA and complies with the GDPR personal data export requirements.

What's changing with our new Privacy Policy?

We have released an update to our Privacy Policy which comes into effect starting on May 25th, 2018. Our Privacy Policy updates will give you more clarity and control over how we collect and use your personal data when delivering our products and services.