European Union's (EU's) General Data Protection Regulation (GDPR) affects all companies processing data from EU citizens. SWOOP has features that empower our customers to comply with the GDPR requirements, though the regulation only applies to the data of employees with citizenship in the EU. If you do not have employees located in the EU, you still have the option to leverage these features for your program but are not required to do so.
Within the context of the GDPR the 'Data Controller' is the organisation who has a contractual relationship with SWOOP Analytics to perform analytics on its behalf.
SWOOP Analytics is the 'Data Processor'.
A person who is included in the analytical activities SWOOP perform is a 'Data Subject'.
Data Subject Requests
If you are a SWOOP Admin and you have received a Data Subject Request you can perform an extract in SWOOP by following the steps below:
- Log in to SWOOP
- Click Admin / Data Export
- Click 'Export Raw Data'
Please refer to the following support articles for what is included in the export files:
If SWOOP receives a Data Subject Request directly we will redirect the request to our customer's privacy contact with a link to this support article.
Request to be forgotten
Requests from data subjects to be forgotten are made to the Data Controller. Even though data is deleted from its source some artefacts may still be stored in SWOOP. Please submit a support request to request data to be deleted.
Exclude data subjects from processing
SWOOP can exclude individuals, or a cohort of individuals with a common attribute (e.g a particular geographical location), from processing. Please raise a support request to get started or contact your SWOOP representative.