GDPR and Nexudus

The General Data Protection Regulation (GDPR) requires Nexudus to make the following changes to its platform and the internal privacy policy:

  • Reorganise the privacy team, document and keep records of decisions related to privacy made by Nexudus so that Nexudus is accountable for its privacy practices.

  • Make sure that Nexudus can honour the rights of European merchants and customers over their personal data, and that merchants can do the same when using Nexudus' services.

  • Make required contractual commitments to merchants and obtain necessary contractual commitments when Nexudus uses a third-party contractor to provide services.

What has Nexudus done to prepare for the GDPR?

Nexudus has been preparing for the GDPR in the following ways:

Policies and documentation

  • Updated Nexudus' privacy policy to include more information about the rights introduced by GDPR and included more detailed information about how Nexudus processes personal data, as required by Articles 13 and 14 of the GDPR.

  • Added a data processing agreement to Nexudus' online terms of service, as required by Article 28 of the GDPR.

  • Implemented a detailed procedure to deal with data subject access requests, deletion requests, and government access requests.

Product features

  • Added a feature to the Nexudus platform so that space managers can obtain independent consent for marketing purposes and can choose whether or not to have the consent checkbox ticked beforehand, depending on their requirements.

What new settings can help me achieve GDPR compliance?

A few new options have been introduced or enhanced to support GDPR compliance when needed. These help customers agree with your terms and conditions, and allow them to receive communications from you before they even provide you with any of their personal details.

Go to Settings and click Modules Configuration in the Features section. In the Newsletters tab, you now have two options controlling whether email addresses should be captured when a new member or contact is added to the system and whether the newsletter subscription should be active by default.

When signing up a new member as an administrator, these options control if that person's email is added to your member or contact subscription list and whether that subscription is enabled by default or not.

On the space website, this shows as a pre-selected checkbox when newsletter subscription is activated by default.

To help you follow GDPR regulations, ensure that activating subscription by default is always turned off.

How to update my website with GDPR compliance?

There are three files that have been updated to help you comply with GDPR regulations. These files can be edited by accessing the Templates tab in Settings>Website.

Remember to click Save at the top of the template when you make any updates.

signup.htm

Go to Settings>Website>Templates and click Open template files. Click Common files, look for signup.htm and click the template.

The signup.htm template can now include options to let customers give explicit consent to your newsletter system and to review and agree to your terms and conditions before they provide you with their personal details.

If you use a version of this file that was generated before the introduction of GDPR, you can use the code below to add this function to your template in line 183:

<h4>{% T Terms and Conditions %}</h4>
                <div class="credentials__box">
                    <form class="form" data-bind="with: coworker">
                        <div class="checkbox">
                            <label>
                                <input data-bind="checked: SignUpToNewsletter" type="checkbox"> 
                                <strong>{% T I would like to receive occasional and relevant updates from {0} by email. || data.Business.Name %}</strong>
                            </label>
                        </div>
                        {% if data.Business.TermsAndConditions != null %}
                        <div class="checkbox">
                            <label>
                                <input data-bind="checked: GeneralTermsAcceptedOnline" type="checkbox"> 
                                {% capture tcUrl %}{% Url TermsAndConditions, Index %}{% endcapture %}
                                <strong>{% T I agree to the <a target="_blank" href="{0}">terms and conditions</a>. || tcUrl %}</strong>
                            </label>
                        </div>
                        {% endif %}
                    </form>
                </div>

Additionally, insert the code below into line 234:

	coworker.GeneralTermsAcceptedOnline = false;

If you have not made any changes to the template file, you can also click Update at the top of the form to bring the file to the most up-to-date version.

core_priceplans_table.htm

Go to Settings>Website>Templates and click Open template files. Click Common files, look for core_priceplans_table.htm and click the template.

This section in the core_priceplans_table.htm template allows new members to give explicit consent when selecting a new plan. They can also review the full set of terms and conditions before signing up and choosing a plan.

If you use a version of this file that was generated before the introduction of GDPR, you can use the code below to add this function to your template in line 52:

{% if service.TermsAndConditions != null and data.Coworker != null %}
              {% if data.Local.Contract != null %}
              <a  href="#" data-href="/{{data.Language}}/termsandconditions/view/{{service.Id}}?returnUrl={{continueUrl}}%26startdate=|date|" class="btn btn--primary">{% T Review Terms and Conditions %}</a>
              {% elseif data.Controller == 'profile' %}
              <a href="#" data-href="/{{data.Language}}/termsandconditions/view/{{service.Id}}?returnUrl={{continueUrl}}%26startdate=|date|" class="btn btn--primary">{% T Review Terms and Conditions %}</a>                
              {% else %}
              <a  href="#" data-href="/{{data.Language}}/termsandconditions/view/{{service.Id}}?returnUr{{={continueUrl}}%26startdate=|date|" class="btn btn--primary_">{% T Review Terms and Conditions %}</a>                
              {% endif %}
          {% else %}
            {% if data.Local.Contract != null %}
            <a  href="#" data-href="{{continueUrl}}&startdate=|date|" class="btn btn--primary">{% T Change to this plan %}</a>
            {% elseif data.Controller == 'profile' %}
            <a href="#" data-href="{{continueUrl}}&startdate=|date|" class="btn btn--primary">{% T Select this plan %}</a>                
            {% else %}
            <a  href="#" data-href="{{continueUrl}}" class="btn btn--primary">{% T Sign up %}</a>                
            {% endif %}
          {% endif %}

If you have not made any changes to the template file, you can also click Update at the top of the form to restore the file to the most up-to-date version.

profile.htm

Go to Settings>Website>Templates and click Open template files. Click Common files, look for profile.htm and click the template.

This section in the profile.htm template lets current members and contacts opt in and out of your newsletter system from their profile page.

If you use a version of this file that was generated before the introduction of GDPR, you can use the code below to add this function to your template in line 310:

<div class="checkbox">
                  <label>
                      <input data-bind="checked: SignUpToNewsletter" type="checkbox"> 
                      {% T I would like to receive occasional and relevant updates from {0} by email. || data.Business.Name %}
                  </label>
                </div>

Additionally, insert the code below into line 8:

coworker.SignUpToNewsletter = {{ data.Local.IsNewsletterSubscriber }};

If you have not made any changes to the template file, you can also click Update at the top of the form to restore the file to the most up-to-date version.

Last updated