On May 25, 2018, the General Data Protection Regulation (GDPR) became fully enforceable across the European Union (EU), creating a higher standard for data protection, privacy, and security for the processing of personal data from the EU. The GDPR applies to the processing of personal data regardless of where that takes place in the world and impacts any company that handles personal data of EU citizens and others within the EU.
The GDPR is an attempt to strengthen and modernize EU data protection law and enhance individual rights and freedoms, consistent with the European understanding of privacy as a fundamental human right. The GDPR regulates, among other things, how individuals and organizations may obtain, use, store, and remove personal data. In a nutshell, it gives EU citizens and residents control over their personal data while simplifying the regulatory environment for international business that takes place in the EU.
The Data Protection Principles include requirements such as:
- Personal data collected must be processed in a fair, legal, and transparent way and should only be used in a way that a person would reasonably expect.
- Personal data should only be collected to fulfill a specific purpose and it should only be used for that purpose. Organizations must specify why they need the personal data when they collect it.
- Personal data should be held no longer than necessary to fulfill its purpose.
- People covered by the GDPR have the right to access their own personal data. They can also request a copy of their data, and that their data be updated, deleted, restricted, or moved to another organization.
Why is it important?
GDPR adds new requirements regarding how companies should protect individuals’ personal data that they collect and process. It also raises the stakes for compliance by increasing enforcement and imposing greater fines for breaches. Beyond these facts, it’s simply the right thing to do. At WeSolve, we strongly believe that your data privacy is very important, and we already have solid security and privacy practices in place that go beyond the requirements of the GDPR.
Does WeSolve offer a DPA?
WeSolve is committed to GDPR compliance, and there are no shortcuts when it comes to meeting these requirements. We offer a data processing addendum (DPA) for our customers who collect data from individuals in the EU. Our DPA offers contractual terms that meet GDPR requirements and that reflect our data privacy and security commitments to our customers. Our DPA is already part of the Terms of Service, so no further action is needed on your part. But if you have any special DPA needs, feel free to contact us. You can always link to Our GDPR Notice in case you need to provide documentation that WeSolve is indeed a GDPR-compliant data processor or download the page as a PDF.
Is WeSolve GDPR compliant?
Yes, our Terms of Service have been updated to reflect strict GDPR requirements and compliance. We work with the best in the market to ensure complete compliance and data safety so you can rest easy. An extensive standardized DPA has been added as an extension of our Terms of Service and includes both the relevant information on data processing along with a list of sub-processors. We have examined every detail in our design by meticulously reviewing our product, its processes, and procedures to ensure we meet the necessary GDPR standards:
- Privacy Policies / Legal: Compliant. Updated policies, contract language, and DPAs.
- Data Protection / Security: Compliant. Updated guidelines, implemented two-factor authentication, audited vendors, and IT systems.
- Data Subject Rights (DSR): Compliant. Developed processes for DSR requests.
- Data Management / Mapping: Compliant. Completed data mapping and inventory of systems that manage personal data, including implementation of data retention guidelines, data minimization standards, and de-identification methods.
- Awareness / Training: Compliant. Conducted training and implemented additional data controls at the functional level.
- Data Breach Notification: Compliant. Updated enterprise Security Incident Response Plan and database access logging.
Which Sub-Processors Does WeSolve use?
We only work with industry-standard service providers for our Service to ensure the highest standards of availability, stability, security, and privacy.
Are your Sub-Processors also GDPR compliant?
Yes, we have written Data Processing Agreements (DPA) in place with all our sub-processors.
Training and Awareness
WeSolve has established a core privacy team comprising leaders from various departments, led by our internal Data Protection Officer (DPO). This team ensures that all GDPR requirements are met across all functions, including Marketing, Engineering, and Operations.
Data Inventory
We have thoroughly reviewed and identified all areas where WeSolve collects and processes customer data. This includes cataloging everything from cookies to help desk interactions. Using this data matrix, we have validated our legal basis for collecting and processing personal data while ensuring that appropriate security and privacy safeguards are applied across our infrastructure and software ecosystem.
Risk Assessment
As required by GDPR, WeSolve follows a structured Data Protection Impact Assessment (DPIA) process to identify and minimize potential data protection risks. Our engineering team has always prioritized security and privacy when making tooling and implementation decisions, making compliance with this requirement an integral part of our development process. Whenever changes occur in how we handle personal data, we assess potential privacy and security risks. If any risk is identified, our product and engineering teams collaborate on a mitigation plan to minimize any impact on WeSolve users. This risk assessment process is an ongoing effort as we continue expanding our services.
Breach Management
We have an established breach management and communication plan, which has been updated to align with GDPR regulations, ensuring that any necessary escalation and data subject notifications are handled in compliance with legal requirements.
Your Rights Under GDPR
Consenting to our Terms of Service is an active step in the sign-up process. However, as per the GDPR “Right to Be Forgotten,” you have the right to opt out and request data deletion. If you delete content in your account, such as removing a member, all related personal data is permanently deleted from our user database, and associated data like ideas are anonymized. You can always contact us if you wish to access, correct, amend, or delete any information that WeSolve holds about you.
Clear and Concise Legal Terms
At WeSolve, we practice full transparency internally and with our customers. Our updated Terms of Service and Privacy Policy provide clear information on:
- What personal data we collect
- Why we collect it
- How we use it
- Who we share it with
- How long we store it