1. Home
  2. Knowledge Base
  3. General Questions
  4. Should I get customers’ consent to use Help Desk Migration service and comply with GDPR?

Should I get customers’ consent to use Help Desk Migration service and comply with GDPR?

One of our customers had this question:

“Are you a "data processor" for the data passed in the migration service? If PII is included in tickets, etc, do we need to notify our customers of this?“

Since GDPR may be a little confusing, we decided to give an exhaustive answer.

A little notice before we begin. Help Desk Migration is by no means a law firm. All the information on this page is a result of our own research and should be taken as a recommendation.

For starters, yes, Help Desk Migration is a data processor. According to the definition, you (our client) are the data controller since you collect and decide how to process data. Help Desk Migration, processes data on your behalf (because you choose whether to migrate or not to migrate data.)

Yes, you should. The GDPR obliges the data controller to inform the data subject that their personal data may be processed by a third-party processor.

The simple way to do it is to update the agreement between you and your customer.

We suggest adding Help Desk Migration to your privacy policy. Specify that our third-party service may have access to or process their information to provide data migration services for you. And, of course, sufficiently explain the purpose of using Help Desk Migration service.

As following, you may personally update your customers about changes to the privacy policy. That depends on how your company manages policy updates.

Last notes

We would like to note that only authorized personnel of Help Desk Migration gets to work on data migrations. And we take all necessary measures to protect your data.

Should you have any questions? Leave us a message.

Did this answer your question?
Book a Call
cancel
%s
— %s