As we’ve grown, our focus on protecting the data and privacy of users has remained our highest priority.

On May 25th 2018, the General Data Protection Regulation (GDPR) will be enforced. The GDPR is a new piece of legislation designed to reshape the way organisations across the world approach data privacy, especially across the EU.  While the GDPR is a piece of EU legislation, it applies to any business that handles personal data in the EU.

It is important for us to be transparent with the type of data that we collect, use and store.

1.   Shuttlerock Account Data

This includes information needed for customers to log into their Shuttlerock account (email address, account password etc.). Users also have the option to login via social providers such as Facebook or Twitter. In these cases the data being provided will be clearly identified by the social provider during login. The holding of this user information is compliant with the GDPR, as users agree to Shuttlerock’s Privacy Policy and Terms of Use when they sign up.   

All photos and videos uploaded by users are stored in accordance with Shuttlerock’s Privacy Policy and Terms of Use, agreed to by the user during registration. We will remove any photo, video or account data from our systems within 24 hours of request. Our Privacy Policy includes details of how to contact Shuttlerock.

2.  Aggregated data from Social Networks

As part of our platform, Shuttlerock collects aggregated content from social network accounts that customers/users have connected to our platform. The information on these networks include Instagram posts, Twitter posts and/or Facebook posts. When a social post is deleted or modified, we make sure to reflect these changes in our own platform. This is a necessary part of Shuttlerock’s services and part of how Shuttlerock provides its services to customers/users.

The End User License Agreement (EULA) of the social network covers consent for this data, and thus complies with the GDPR regulations.

3.  Aggregated data from RSS feeds

Our platform also supports RSS feeds as a source of content. These feeds are publicly available on the internet, but because they most likely are not protected by an EULA, it is the responsibility of our customers to ensure that their use of data from RSS feeds complies with the GDPR regulations before they provide any RSS feed content to us. In effect, this means that the customer needs to obtain consent from the publisher of the RSS feed to collect the information and provide it to us, before collecting and providing the content to us for our use.

4.   Product Usage Analytics

In order to build a superb user experience, we need to identify and solve any problems that the user encounters during their use of our platform. Consequently, Shuttlerock tracks and records information such as product usage and session data. This is covered by Shuttlerock’s Privacy Policy, and is thus in compliance with GDPR regulations.

We use the following tools to collect analytics:

5. Sessions and Cookies

Shuttlerock makes use of certain third-party analytic tools that allow us to customize the experience for our users. These technologies include cookies such as Google Analytics and tracking pixels such as the Facebook Pixel.

We use cookies to remember users’ settings (e.g. language preference), for authentication, for storing recently visited page information and for routing user traffic. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our platform, but your ability to use some features or areas of our website may be limited and you may not receive the latest content.

6. CRM Database Protection

We acknowledge that our CRM provider, Hubspot acts as the data processor and holder of current clients and potential clients data. Shuttlerock acts as the controller of this data and provides adequate safeguards with respect to personal data processing.