GDPR and Matrix Booking
The Data Protection Act 2018 controls how your personal information is used by organisations, businesses or the government.
The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR).
“Everyone responsible for using personal data has to follow strict rules called ‘data protection principles’.”
UK and EU residents now have a much greater say and control over what, how, why, where, and when their personal data is used, stored and also deleted, or removed. GDPR clarifies how the UK and EU personal data laws apply within the UK and EU and globally when related to UK and EU residents. Any organisation that works with UK or EU residents’ personal data in any manner, irrespective of location, has obligations to protect the data.
Matrix Booking Ltd (the creators and owners of Matrix Booking) have a very strong commitment to data security, integrity and protection. Matrix Booking usage is funded entirely by subscription fees and as a result there is no third-party advertising used – meaning the data we store is only what is needed to provide the service you have purchased.
Matrix Booking is committed to its ISO 27001 standards and also ensures all of our suppliers have appropriate data protection and information security processes in place.
What we are doing for GDPR
The personal data that Matrix Booking captures is the minimum required to provide the service and all modules of the system have been reviewed to ensure this principle is adhered to. For full details of the collection, usage, storage, and disposal of this data please review our ‘Supplier Data Processing Agreement’.
one of the key elements of GDPR is access to data for our customers. Matrix Booking has always been open and transparent with the data and administrators of the system have always had the ability to view all information as and when required. In addition, we are also in the process of identifying key data protection staff within each of our client organisations as well as growing our own.
With the ever-increasing importance on individual’s data privacy and security, Matrix Booking continually reviews and tightens its security controls and processes to provide complete confidence to our customers. This ranges from continual improvement via ISO frameworks through to technical and architectural enhancements in cloud security provision.
GDPR gives UK and EU residents (although we apply this to all users of the Matrix Booking products and modules) the right to either receive all the data provided and processed by the controller or transfer it to another controller depending on technical feasibility. Any user of the system may request this data and so Matrix Booking has always had the ability to extract all information as and when required via administrator
What does this mean for our customers?
Meeting the GDPR requirements is a key element for many of our customers and so we are keen to ensure our contribution to that will enable you to complete the process as quickly as possible.
For Matrix Booking there are TWO elements that we can provide you in order to do this:
- Please complete a Data Processing Agreement, sign it and email it to: firstname.lastname@example.org
- Review the below Q&A as it should provide you with everything you need to know to complete your GDPR requirements for Matrix Booking.
GDPR specific questions and answers
Matrix Booking uses some personal data in order to provide a resource booking service to your company whether this be desks, rooms, transport or any other form of resource.
As such only the minimum information required is used, and some of this information is optional as defined by administrators within your company (for example, meeting titles).
The data captured is used for the purposes of fulfilling the service of booking and managing resources as defined by the scope of the contract. In addition, a subset of the data may also be used to diagnose and resolve any issues raised by the customer themselves with the Matrix Booking Support Team.
The data provided is processed for the lifetime of the contract unless otherwise stipulated within the contract – beyond the contract period the data is historically stored based again on the terms of the original contract.
The following are the key elements of data that Matrix Booking uses in order to deliver the service:
- Full name
- Telephone number (if provided)
- Resources booked along with date, time, and meeting/booking title
- Customers / Clients IP address
- Attendees email addresses if added to a booking
- Any text transmitted in support questions raised with the Matrix Booking Support Team
The above data is processed for all users of the Matrix Booking system.
Yes, you can contact our data protection office for Matrix Booking Ltd. By emailing email@example.com
All new customers, by default, have their data stored and sent only within the EU. If you are a long-standing customer, you may still be using a mail provider based in the USA, in which case, should you wish to move to an EU provider, we will do this for you free of charge. Should you wish to see the full details of our data storage locations then please request access to our list of sub-processors.
Yes, we keep a list of our sub-processors, what data they hold, what they are used for, where they are located and how long the data is kept. You can obtain a list of these sub processors from your account manager (if you are an existing customer) or from your sales person should you be considering our product.
If you have any questions beyond this, or if you require us to review your own data processing agreement then please contact your account manager (or email firstname.lastname@example.org if you are not sure who your account manager is). Please note if additional processing is involved there may be a small Professional Services fee applied.
Book your demo today
"*" indicates required fields