To understand the impact of the GDPR on the use of the d-basics software fully, a distinction must be made between:
- The collected data of the users of the d-basics software by d-basics B.V.
- The (personal) data copied and sent from the accounting package by the d-basics software
Personal data users d-basics software
D-basics B.V. processes the following details from the users of the d-basics software:
- First and last name
- Business address details
- Job title
- Business telephone numbers
- Email address
- Other personal details that you add yourself to your d-basics Portal profile
- Log information on how you use the d-basics software
- Technical information on how you configured the d-basics software
- Information related to help desk activities, such as tickets (including comments and status updates)
- Bank details
Data collected by d-basics software
The d-basics data extraction software copies information from your accounting package, turns it into data files and sends these to external recipients such as factoring companies, banks, etc.
The nature of the information collected and sent by the d-basics software is very diverse and it depends on the specific purpose for which the software is being used.
Within computer environment of user
To understand the influence of the GDPR on the use of the d-basics data extraction software fully, it is important to realise that the d-basics data extraction software is installed within the computer environment of the user (sender) and that the software is used and controlled by this same user.
During regular use d-basics B.V. has access neither to the software nor to the (personal) data that are being processed through it. Consequently, d-basics B.V. cannot be seen as a processor as such when it concerns the usage of the d basics software for importing and sending information.
Special personal data
D-basics B.V. will never ask for special personal data from d-basics software users.
It is, however, possible that special personal data, such as race, political preferences, or social security information, is copied and sent from your accounting package when information is imported and sent using the d basics data extraction software.
When the d-basics software is used to import and send special personal data it is the responsibility of the sender that this process complies with GDPR guidelines.
To support clients adequately, d-basics B.V. employees will use remote desktop software to connect to the computer of d-basics software users.
During the remote desktop session the d-basics B.V. employee will see data as it is displayed on the user’s computer screen, which may include personal data.
Users who give their permission for a remote desktop connection are asked not to have person-al data on display during the remote desktop session.
User has full control
A remote desktop connection can only be established with the cooperation of a user of the d basics software. The user retains full control during such a session and can break the connection at any moment he/she chooses.
After the connection has been broken the d-basics B.V. employee will not be able to re-establish the connection independently.
The data that were visible at the time of the desktop connection will not be copied to d-basics B.V.
There are times when d-basics B.V. employees will ask users of the d-basics software for a copy of a database and/or data files. These copies are used to add links to new accounting packages to the d-basics data extraction software or to improve or expand existing links to accounting packages.
Providing these copies is not part of the regular usage of the d-basics software and in such cases clear agreements on the conditions under which the copies are provided will always be made with the user concerned.
If the databases or data files concerned contain special personal data d basics B.V. will request users to make this known beforehand. In this case d-basics B.V. will refrain from copying the parts that contain the data concerned.