We have made every effort to provide a detailed overview of the GDPR compliance and how Bitontree supports your business to operate within the confines of this regulation especially when it comes to customer data and its verification through Bitontree. But it is still advised to engage the services of a legal counsel in order to have a better understanding of GDPR compliance and the liabilities that come along with it. The following compliance guide is actually the practices, procedures and upgrades introduced in the internal working of Bitontree to make its services GDPR compliant. Cookies GDPR needs the websites and online businesses to intimate users that they are using cookies. The language of this intimation is also suggested by the GDPR to be easily understandable for an average user. Consent is required from users before they are tracked by the cookies. We have updated our cookies policy in this regard as well. Lawful Basis GDPR only allows collection of user data for a legal reason. Bitontree only collects data for verification purposes as per the legal agreement signed by Bitontree and its customers. This data will be limited to verification of the credentials, identity or any other related verification that was required by our customers to be provided as per the legal agreement. Deletion GDPR requires businesses and websites to forget and delete the user data when requested by the user. Bitontree has taken steps to provide full control to the end-users about their data that they have submitted for identity verification. Here is our Game Plan for GDPR Compliance Either you are a B2B or B2C, Ecommerce company, Educational Entity or Crypto based organization, you probably by this point have known about General Data Protection Regulation (GDPR). It is a new directive set by the European Union, a legislation that sets forth guidelines regarding how information is collected and how it is processed and used. The GDPR legislation was formed to harmonize data privacy laws across Europe. Empowering all EU citizen’s data privacy in the process, and to reshape how organizations approach data privacy in a secure and transparent manner. At Bitontree , tireless efforts have been underway over the last few months to assist our users, businesses and our clients. To help them understand, what the GDPR means for their businesses and to assist them in establishing a compliant process of their own. Considering that aspect, we have made great improvements to our Bitontree platform to ensure that we stand at par with the GDPR measures. Bitontree has prepared a Game Plan for you to understand, how GDPR operates behind the scenes, when a customer interacts using our service. User Data User Data means any data, content, code, images or other materials of any type that User uploads, submits or otherwise transmits to or through Services. User will retain all right, title and interest in and to User Data in the form provided to Bitontree. Bitontree stores data on industry secured servers located in EEA zone, and are monitored. Subject to the terms of this Agreement, you hereby grant to Bitontree a non-exclusive, worldwide, royalty-free right to; (a) collect, use, copy, store, and transmit User Data, in each case solely to the extent necessary to provide the applicable Services to Client (b) Client hereby grants to Bitontree all necessary rights to use, reproduce, modify, create derivative works from, distribute, perform, transmit and display the User Information (including any rights specifically pertaining to biometric information) solely to the extent necessary to provide the Services which will include the right for Bitontree to grant equivalent rights to its service providers that perform services that form part of or are otherwise used to perform the Services. Access to Data The Services include access to the Back-office, Client may access and download (either manually or via API) the data from each of its Verifications, including extracted data and images for each individual Transaction, via the Back-office for the Term. Upon termination of this Agreement for any reason, access to the Back-office, and therefore access to data storage, will be revoked. Bitontree may delete any stored items in storage upon expiration or termination of this Agreement. Bitontree will have no responsibility or liability for storing and deleting items in accordance with this Section 9.