Testimoni.es and the GDPR

Privacy and Security Contact

Michael Short
mike@blitzind.com

3810 Fuchsia Circle

As part of our ongoing efforts to protect the security and privacy of our users, we are working to meet or exceed the GDPR (General Data Protection Regulation). This site contains information on what steps we are taking, their progress, and who to contact for any security concerns. Please see our FAQ for more information.

Data Processing Addendum

If you need a signed DPA, please use the button below to cross sign and download your copy of our DPA.

Make A Data Request

We respect the rights of individuals to know how their data is being used, export it or request that it be deleted.

Data Processing Partners

We rely on a number of trusted 3rd parties to assist with our operations. Depending on the exact nature of your account and what you've requested we do, your data may be shared with one of these partners. We carefully evaluate each to make sure they're handling your personal data with the utmost of respect, security, and privacy.

Services
Partner Locale Data Shared Purpose
anime.js IP Address

Polyvalent Javascript animation engine

CDN JS IP Address

CloudFlare's CDN with popular javascript frameworks available.

Digital Ocean IP Address

SSD VPS hosting environment.

Google Apps for Business IP Address

Web-based email, calendar, and documents for teams. Renamed to Google Apps for Work, but now known as G Suite From Google Cloud.

Google Font API IP Address

The Google Font API helps you add web fonts to any web page.

GSAP IP Address

GSAP is a suite of tools for scripted, high-performance HTML5 animations that work in all major browsers from GreenSock.

justifiedGallery IP Address

This is a JQuery plugin that allows you to create an high quality justified gallery of images.

Popper.js IP Address

A library to manage your pop ups.

TweenMax IP Address

Provides a single JavaScript file that contains everything you will commonly need for animating DOM elements:

Compliance Tasks

GDPR Compliance requires maintenance and ongoing work. We are tracking our efforts here.

Privacy Procedures
Status Name
Completed Nominate a Data Protection Lead or Data Protection
Completed Get Management Approval for GDPR Efforts
Completed Process established for subject data requests
Completed Procedure established to allow for people to request that inaccuracies in their data are fixed.
Security Procedures
Status Name
Completed Publish statement on public website on how to report security and data issues.

Frequently Asked Questions

If you have any concerns not answered here, please reach out to our contact (listed above) and we'll be happy to assist.

What's the GDPR?

The General Data Protection Regulation (GDPR) is a new piece of privacy legislation enacted by the European Union. It represents a significant change in how personal (IP Addresses, Emails, Names) and sensitive (religion, ethnic origin, health, orientation) data is handled by companies.

Do Non EU Companies need to comply with the GDPR?

While it remains to be seen if the EU has the legislative power to levy fines and enforcement against organizations around the globe, GDPR compliance is being sought by non EU companies for a variety of reasons.

  • Customers and Prospects are making it a requirement
  • It's a solid framework for improving the handling of personal information and complying with the GDPR requirements improves our own security.

How Do I Report a Security Issue?

We take all security reports seriously. Please email our security contact (information listed above) with any information you have regarding any potential data breaches, vulnerabilities or concerns.