At Pusher, we have a deep respect for data. We have always had a strong commitment to privacy, security, and transparency - both towards our customers, as well as towards our own employees. This translates into an already well-considered and sensible attitude in our approach to data.
We like what the General Data Protection Regulation (“GDPR”) is seeking to achieve. We are proud of our existing attitude towards data. On this page is an overview of our approach to GDPR compliance, and what it will mean for you as a Pusher customer.
Will our customers be able to use Pusher products and services without risking a breach of the GDPR?
Customers to whom the GDPR applies will need to make sure their business is compliant with the GDPR in its own right. If it is, the customer will not risk a breach of the GDPR solely by using Pusher products and services.
What has Pusher done to prepare for the GDPR?
Privacy by design: We are always reviewing the way we design, build and implement updates and new products and services to ensure data privacy remains a core part of our decision-making processes at every level.
Data security: We have reviewed our internal data practices and policies to ensure our approach to data is compliant, consistent and clear across Pusher.
Working with Customers: We continue to work with our customers to answer their questions and adjust or supplement agreements to ensure customers can continue to use Pusher.
Data portability: Our data promise has always been the same - You own your data, not us. We are making ongoing improvements to the portability of our customers’ data.
Data processing: To be able to fulfill our commitments to customers as a data processor, we have ensured that our updated terms and conditions contain provisions that are appropriate to the data we store, and balance the risks and responsibilities between us and our customers fairly.
Do these changes affect Pusher customers in any way?
Yes. We have updated our legal terms available on https://pusher.com/legal/ to bring them into compliance with the GDPR and those changes are effective as of 25 May 2018.
Pusher customers will be notified when the legal terms have been updated. We recommend Pusher customers read the updated terms because using Pusher products and services after the updated terms have gone live will be treated as acceptance of those terms.
What is the GDPR?
The General Data Protection Regulation is a new European data regulation which will replace the current EU Data Protection Directive. The GDPR aims to strengthen the security and protection of personal data in the EU and harmonize EU data protection law. It is designed to give organisations a consistent framework on how personal data can be collected, processed, used, and shared across EU member states The GDPR provides individuals with more control over how their personal data can be processed.
The GDPR is European Union law. What happens after Brexit?
Pusher is committed to complying with the requirements of the GDPR long-term, regardless of Brexit. The GDPR regulates the “processing,” which includes the collection, storage, transfer or use, of personal data about EU individuals. That means that a company outside the EU that processes personal data about EU individuals will have to comply with GDPR as well. For example, a US based company that processes personal data of individuals in France will need to comply with the GDPR.
Our customers are situated all over the world, including in the EU. Additionally, personal data of our customers’ end-users passes through our data centres, one of which is situated in the EU. This means we process personal data belonging to EU individuals, so it doesn’t matter whether we are based in an EU member state or not - the GDPR will apply to us regardless.
So not only will the GDPR will be brought into UK law under the new Data Protection Bill, designed to ensure data protection measures are maintained after the implementation of Brexit, the GDPR itself will continue to apply to Pusher as well.