Google tag manager
GDPR - ActionPlanner | Business Execution Software

GDPR in ActionPlanner

Here is what the European Union GDPR initiative means to you as an ActionPlanner client and user.

The EU General Data Protection Regulation (GDPR) has applied since 25 May 2018 and sets rules for how organisations must process personal data lawfully, fairly, and transparently.

 

Your organisation is the Data Controller (you decide why and how personal data is used), and ActionPlanner (PROMISE ApS) is the Data Processor (we process personal data only to deliver the service and only on your instructions, as described in our Data Processing Agreement).

Your personal data are safe in ActionPlanner

We take information security and privacy seriously. Protecting customer and user data is essential to running a trustworthy business.

When you subscribe, our terms include a Data Processing Agreement (DPA) that defines how we process personal data, including:

 

  • purpose and scope of processing,
  • confidentiality obligations,
  • requirements for sub-processors,
  • assistance with data subject rights requests,
  • security and breach notification obligations

 

This gives your organisation a clear contractual framework for GDPR compliance when using ActionPlanner.

Your consent is a part of GDPR

GDPR requires a lawful basis for processing personal data. In most B2B Client setups, the lawful basis for processing within the workspace is typically established by the Client (Data Controller).

 

In ActionPlanner, we present users with a clear Privacy Policy notice on first login so they understand what personal data is processed in the application and why. This is primarily about transparency and user awareness.

Important documents relating to GDPR in ActionPlanner

To make it easy to understand how personal data is handled in ActionPlanner, we provide the key GDPR-related documents below:

 

  • Software License Agreement – Contract terms for using ActionPlanner, including responsibilities related to customer data.
  • Data Processing Agreement – The GDPR Article 28 agreement describing processing instructions, security measures, sub-processors, breach notification, assistance with data subject rights, and audit/inspection rights.
  • Privacy Policy – Website & Cookie Notice – What data is processed when visiting our website (cookies/analytics, contact forms, etc.) and how to manage preferences.
Menu