fccDataPrivacy for SMB
Companies are subject to data protection law (EU-DSGVO, ePrivacy, local law).
We are often in contact with SMBs who claim to comply with the GDPR just because they provide a privacy statement and a cookie banner (created by adapting generic templates or using freeware generators available on the market). As described under Everyone is talking about Data Protection, GDPR compliance means much more, including the creation and maintenance of processing activities, storage of all consent events, regular review of GDPR-relevant documents for changes to the legal basis (data protection declaration, cookie regulation, etc.), the support of various processes to cover user rights and much more.
fccDataPrivacy for SME is a full GDPR implementation at an affordable price.
fccDataPrivacy for SME provides a hosted integrated data protection platform that includes all GDPR relevant elements:
- Preparation of legal documents (privacy statement, cookie directive and banner)
- Processing activities and the corresponding contract processing agreements
- Automated update of legal documents in the event of changes to the law
- Installation instructions of the solution for the client's web environment
- Backend view (approval, processing agreements)
- Employee training and training certificate
- And much more.
fccDataPrivacy for SMEs is offered in 3 editions:
Descriptions of the functions:
Legal documents are: According to Article 30 GDPR (processing activities), each controller must maintain (and keep up to date) a processing register. This includes For supported club administration software, the processing activities in fccDataPrivacy is already defined for clubs. These processing activities are based on the functional capabilities of the respective club administration software and not on the actual use in a club / association. If desired, the processing activities can be adapted to the actual use (project according to expenditure). Generally the processing of personal data of natural persons is prohibited (Art. 6 GDPR, lawfulness of processing), unless it is explicitly permitted by a number of recitals. One of these recital is consent. Consent is required for all newsletters or online orders, i.e. for all web forms that collect personal data. The website operator (responsible person) must be able to prove consent, i.e. all given consent must be stored. fccDataPrivacy stores all consents in the background and makes them available in the admin portal. Consent includes: According to Art. 12 (Rights of the Data Subject) and 13- 22 (Information and access to personal data), GDPR provides the following rights for individuals (aka data subjects, users): fccDataPrivacy has implemented these rights and the related processes can be triggered within the Admin Portal. The admin portal contains all the functions, documents and data required for ongoing operations, including auto trail (proof of change). Both the website and the admin portal are state-of-the-art protected against cyber attacks and access to the admin portal is additionally secured with two-factor authentication. As a registered customer, your defined users have access to a Learning Management System (Campus) which offers initial and ongoing learning lessons about GDPR and how to use GDPR in a Club. Each learning session is accompanied by a short examination (Quizz). When passing the quizz with 75% correct answers the user will receive a certificate and this education will be registered within your education evidence (which is a legal obligation to demonstrate the education proof). Registered customers have access to a ticketing system in order to report problems.
The data protection declaration (GDPR Art. 13 and 14) describes how data (in particular personal data) is processed by an organisation, i.e. how this data is collected, used and whether it is passed on to third parties. In addition, it is often described what measures the organisation takes to ensure the privacy of its customers or users.
The fccDataPrivacy website doesn't use any tracking Cookies.
Individuals have the right to be informed about the collection and use of their personal data. This is a key transparency requirement under the GDPR.
Individuals have the right to access their personal data.
The GDPR includes a right for individuals to have inaccurate personal data rectified, or completed if it is incomplete.
The GDPR introduces a right for individuals to have personal data erased. The right to erasure is also known as ‘the right to be forgotten’.
Individuals have the right to request the restriction or suppression of their personal data. This is not an absolute right and only applies in certain circumstances.
The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services. It allows them to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without affecting its usability.
The GDPR gives individuals the right to object to the processing of their personal data in certain circumstances. Individuals have an absolute right to stop their data being used for direct marketing.
The GDPR has provisions on automated individual decision-making (making a decision solely by automated means without any human involvement) and profiling (automated processing of personal data to evaluate certain things about an individual). Profiling can be part of an automated decision-making process. The GDPR applies to all automated individual decision-making and profiling. Article 22 of the GDPR has additional rules to protect individuals if you are carrying out solely automated decision-making that has legal or similarly significant effects on them.
Legal documents are:
Registered customers have access to a ticketing system in order to report problems.
Pricing example for a Standard Edition with 2 languages:
- 1 x one-time implementation = CHF 360.00
- 2 x Licence per Language = CHF 54.00
- 1 x Hosting = CHF 160.00
- Totally: CHF 360.00 one-time and CHF 214.00 yearly running cost.
Please refer to the fccDataPrivacy Pricing Guide for more detailed information about Pricing.
Questions & Answers
The editions are mainly intended to reflect the company size (number of employees). While the legally supported framework is identical for all editions, there are differences in the number of authorized persons with access to the fccDataPrivacy Portal as well as in the form of support.
Yeah, anytime. Just create a ticket and we'll do the upgrade. You will then be charged the pro-rata fees for the remainder of the current subscription period. Please note: A downgrade between the editions is not possible.
Please note: A downgrade between the editions is not possible.
The subscription term is one year with automatic renewal for a further year if not cancelled 1 month before the end of the subscription term. Cancellations can be made in writing or in text form (e.g. by e-mail or contact form). In the event of termination within the subscription term, no pro-rata repayment will be made.
In the event of termination within the subscription term, no pro-rata repayment will be made.
The Process Activities and the fccDataPrivacy Admin Portal currently supports English and German).
fccDataPrivacy is installed in your web tool. The installation procedure for the supported web tools is well documented and tested. The installation effort depends on the skills and experience of the person performing the installation. A professional or semi-professional web developer can complete the installation within a few hours. If you do not have the resources for the installation yourself, you are welcome to contact one of our installation partners.
fccDataPrivacy ships for a number of supported environments. These are the most popular native CMS tools (such as WordPress, Joomla!, Magento. For a list of supported environments, please refer to Supported Platforms. It is our goal to support the tools used by our customers. If your environment is not on the list of supported environments, just let us know and we will either show you how to install it or start working on the integration. We don't charge for new integrations - even better, the first customer we implement a new integration for gets a 100% discount on the installation fees.
Some CMS do not support all technologies necessary for the proper operation of fccDataPrivacy. Under Q&A you will find the information and tips & tricks to set up your CMS for the operation of fccDataPrivacy.
fccDataPrivacy for SMB is designed for partners and we support both, Distribution and Installation Partners. Typical partners are web agencies and web hosting providers. Please contact us for further information.