The General Data Protection Regulation (GDPR) outlines key principles designed to protect the privacy of individuals. It is important that users ensure their use of OnceHub is aligned with these principles.
Lawfulness, fairness, and transparency
Data controllers have certain responsibilities relating to how they collect and process data from customers. Article 5 of the GDPR outlines the principles for processing data:
- Lawful: There must be a legal basis for processing. Article 6 of the GDPR outlines several methods for ensuring a legal basis for processing. With online scheduling, you can most likely establish a legal basis on that grounds that processing is necessary for fulfilling a business obligation. Learn more about establishing a lawful basis for processing
- Fair: Any processing of data should be in line with the stated purpose for processing. Customers should be aware of the purpose for processing their data.
Data should only be collected for a "specific, explicit, and legitimate purpose." Any processing of data should be in line with the stated purpose. Data subjects should be aware of the purpose for processing their data, and controllers must obtain consent if the purpose of processing changes. For example, data provided by Customers via ScheduleOnce is processed for scheduling meetings. You shouldn’t use this data for marketing unless you have explicitly advised the Customer that you will.
Data collection should be “adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.” For example, you should configure your ScheduleOnce Booking form to include only fields that are necessary for scheduling the meeting with your client. Learn more about data minimization
Personal data should only be kept if necessary. For example, ScheduleOnce booking data is kept for the lifetime of your account, allowing you to generate reports and gain insights into your scheduling activity. When you delete you OnceHub account all ScheduleOnce booking data is automatically deleted as well.
To learn more about OnceHub's compliance with the GDPR, read our ebook: A practical guide to using OnceHub in a GDPR compliant manner