Have the terms been updated to reflect GDPR?
Our terms have been updated and are available on our website:
How does Sling ensure deletion and retention of customer data is according to GDPR?
We have verified that Sling has all of the necessary functionality for compliance with the GDPR. The method we use for deletion and retention of data is acceptable for use under the GDPR.
How does Sling process data?
We promise to maintain a high level of security and meet all expectations of GDPR. Any data that customers and users put into Sling will only be processed in accordance with the customer’s instructions. In case of a data breach, we will ensure that the breach reporting will meet all the GDPR requirements.
Are all Sling employees aware of GDPR?
All Sling employees sign an non-disclosure agreement and go through a code of conduct training. The code of conduct training outlines protection of customer data according to GDPR requirements.
Does Sling use others to process data?
Sling uses Mixpanel and Salesforce for analytical purposes and Intercom for support purposes.
How do you handle data return and deletion?
All customer data is stored in our database. Currently the process to delete a customer’s data is manual. Upon receiving a valid request to delete someone’s data we would have a developer physically delete (or NULL out when required) the customer’s data. This deleted data would no longer be present in the database backups after one week.
Who can access my private data?
In Sling we use the principal of role-based access and least privileges. Only employees which need to have access to data will have the access.
How long do you store customer data?
Customer data is stored permanently except when a valid request is made by a user to have their data deleted as per the GDPR.
What is the process if I want you to delete my data?
Send an email to privacy@getsling.com or reach out to our support team and we will delete your data.
How do you obtain and document the consent of storing people’s personal data?
When a person uses Sling for the first time, they are required to give consent as part of setting up their account. This cannot be skipped. We provide links to our terms of service and privacy policy documents and record the date and time when the user gave consent.
What are the data protection policies for customer data?
Please refer to the following resources:
Where is your data physically stored?
The data is stored in the Amazon cloud that meets the most stringent regulatory requirements.
What is your formal procedure for reporting out on data leaks?
Sling determines if the supervisory authority needs to be notified in the event of a breach. Sling assesses whether the personal data breach is likely to result in a risk to the rights and freedom of the data subjects affected by the personal data breach, by conducting impact assessment against the breach. If a risk to data subject(s) is likely, Sling reports the personal data breach to the supervisory authority without undue delay, and not later than 72 hours.
What are the terms of ownership over your data?
Each customer owns their data. We host this data for them in order to provide the services that make up Sling.
How do you store data at rest?
Except for passwords and employee ids all data is stored without encryption. Passwords are hashed and social security numbers (if provided, they are not mandatory) are encrypted. Both use very secure hashing functions and encryption schemes respectively.
How do you handle data in motion?
All communication channels are encrypted according to industry standards and best practices.