Data best practices at Enterprise companies with S&P Global Market Intelligence.

Tune in Sept 28!
skip to content
Loading...
    • The Digital Insights Platform Transform your digital experience
    • How Heap Works A video guide
    • How Heap Compares Heap vs. competitors
    • ROI Calculator See what Heap can save you
    • The Future of Insights A comic book guide

  • Data Insights

    • Session Replay Complete context with a single click
    • Heatmaps Visualize user behavior instantly
    • Illuminate Data science that pinpoints unknown friction
    • Journeys Visual maps of all user flows

    Data Analysis

    • Segments User cohorts for actionable insights
    • Dashboards Share insights on critical metrics
    • Charts Analyze everything about your users
    • Playbooks Plug-and-play templates and analyses

    Data Foundation

    • Capture Automatic event tracking and apis
    • Mobile Track and analyze your users across devices
    • Enrichment Add context to your data
    • Integrations Connect bi-directionally to other tools

    Data Management

    • Governance Keep data clean and trusted
    • Security & Privacy Security and compliance made simple
    • Infrastructure How we build for scale
    • Heap Connect Send Heap data directly to your warehouse

  • Solutions

    • Funnel Optimization Improve conversion in user flows
    • Product Adoption Maximize adoption across your site
    • User Behavior Understand what your users do
    • Product Led Growth Manage PLG with data

    Industries

    • SaaS Easily improve acquisition, retention, and expansion
    • eCommerce Increase purchases and order value
    • Healthcare Build better digital patient experiences
    • Financial Services Raise share of wallet and LTV

    Heap For Teams

    • Product Teams Optimize product activation, conversion and retention
    • Marketing Teams Optimize acquisition performance and costs
    • Data Teams Optimize behavioral data without code
  • Pricing

  • Support

    • Heap University Video Tutorials
    • Help Center How to use Heap
    • Heap Plays Tactical how-to guides
    • Heap Updates
    • Professional Services

    Resources

    • Down the Funnel Our complete blog and content library
    • Webinars & Events Events and webinar recordings
    • Press News from and about Heap
    • Careers Join us

    Ecosystem

    • Customer Community Join the conversation
    • Partners Technology and Solutions Partners
    • Developers
    • Customers Stories from over 9,000 successful companies
  • Free TrialRequest Demo
  • Log In
  • Free Trial
  • Request Demo
  • Log In

All Blogs

Heap's Commitment to GDPR and Data Privacy

Ravi Parikh
May 2, 20182 min read
  • Facebook
  • Twitter
  • LinkedIn
Heap

As an analytics provider that collects personal data about billions of people across thousands of customers, we’ve taken a proactive approach to data privacy. We’ve taken a number of measures to ensure that we and our customers are ready for the EU’s General Data Protection Regulation, commonly known as GDPR, which goes into effect on May 25, 2018.

Update: Our session replays are also private and secure by default, and fully GDPR compliant. Learn more about session replays here.

What Heap is doing to be GDPR-ready as a data processor

Heap has taken various steps to give customers confidence that the use of the Heap Service will be consistent with the GDPR when it goes into effect on May 25.

Here are the measures we’ve already completed to work toward GDPR-readiness:

  • Independent of the GDPR, Heap has always had an industry-standard data security and privacy focus. We’re always investing in these areas to make these measures even more robust.

  • After the GDPR was announced, we worked throughout 2017 and early 2018 to strengthen internal processes, policies, and other changes required to be GDPR ready. As an additional measure, during February 2018, Heap went through a third-party GDPR gap analysis to determine if there were any remaining gaps in our GDPR readiness.

  • We’ve rewritten our Data Protection Agreement (DPA) to be GDPR-ready and contractually affirm our GDPR-readiness. If the GDPR applies to your company and you don’t already have a DPA in place with us, email us at legal@heapanalytics.com and we will be happy to send you our DPA.

  • We’ve built internal processes to make it straightforward to be compliant with data subject rights under the GDPR including the right to erasure. When our customers receive inquiries from data subjects, they can forward those to us and know that we’re able to meet the requirements. For more details on data subject rights, this provides an overview: https://gdpr-info.eu/chapter-3/

  • We’ve developed deletion tools to support our customers and we have built an external User Deletion as well.

  • We have appointed Kate Helin as our Data Protection Officer (DPO). She can be contacted at dpo@heapanalytics.com.

In addition, here are additional measures that we are taking towards GDPR-readiness that are still in progress, but will be complete prior to May 25, 2018:

  • We’ve conducted an internal audit of third-party services to determine if they would be considered subprocessors of Heap customer data. We’re in the process of signing GDPR-compliant processing agreements with each subprocessor that we identified. As of April 2018, we have identified 2 subprocessors.

  • We are in the process of staff training as well as adding processes for ongoing trainings for new and existing employees about how to respond to GDPR requests.

  • We will revise the information policies in our official employee handbook (signed by all Heap employees upon employment) in accordance with GDPR.

What you need to do as a Heap customer

If you’re based in the EU or are otherwise affected by GDPR, you may want to sign a Data Protection Agreement (DPA) with us if you haven’t already. Email us at legal@heapanalytics.com if you need to do this.

You should also review your companies Terms of Use, Privacy Policy, and/or any other user-facing agreements to understand Heap’s practices and commitments regarding data privacy and to confirm that they’re consistent with how you’re using Heap to collect and use customer data.

Ravi Parikh

Was this helpful?
PreviousNext

Related Stories

See All

  • Heap.io
    article

    Designers should leverage product analytics. Here's how.

    Learn how product analytics can improve the design process.

  • Heap.io
    article

    The four stages of data maturity– and how to ace them

    Where are you in your data journey?

  • Heap.io
    article

    3 lean experiments you can build in just one day

    Testing doesn’t have to be difficult!

Better insights. Faster.

Request Demo
  • Platform
  • Capture
  • Enrichment
  • Integrations
  • Governance
  • Security & Privacy
  • Infrastructure
  • Illuminate
  • Segments
  • Charts
  • Dashboards
  • Playbooks
  • Use Cases
  • Funnel Optimization
  • Product Adoption
  • User Behavior
  • Product Led Growth
  • Customer 360
  • SaaS
  • eCommerce
  • Financial Services
  • Why Heap
  • The Digital Insights Platform
  • How Heap Works
  • How Heap Compares
  • ROI Calculator
  • The Future of Insights
  • Resources
  • Blog
  • Content Library
  • Events
  • Topics
  • Heap University
  • Community
  • Professional Services
  • Company
  • About
  • Partners
  • Press
  • Careers
  • Customers
  • Support
  • Request Demo
  • Help Center
  • Contact Us
  • Pricing
  • Social
    • Twitter
    • Facebook
    • LinkedIn
    • YouTube

© 2023 Heap Inc. All Rights Reserved.

  • Legal
  • Privacy Policy
  • Status
  • Trust