WebExercises and General Data Protection Regulation (GDPR)

WebExercises and General Data Protection Regulation (GDPR)

WebExercises has made changes to comply with the EU General Data Protection Regulation (GDPR) by May 25, 2018. The purpose of GDPR is to provide a set of standard data protection laws across the European Union related to the processing of personal data.

Your role as part of the GDPR
You are considered the controller of any personal data entered into the WebExercises software. You determine the purposes of processing the personal data. It is your decision to either enter personal data into WebExercises, for example, what legal obligations you are required to document your treatment, or to use WebExercises as a tool for creating exercise programs without associating them with an identifiable data subject.

What personal data can be input into WebExercises software?
You as the controller may choose to enter the following personal data, First name, Last name and Email address.

WebExercises’ role as part of the GDPR
WebExercises is providing services to you in the form of a software for creating personalized exercise programs. Our service is offered online and personal data may be entered into the software by you. In this sense WebExercises is considered the processor of the data entered into the software and stored on its servers. WebExercises processes the data on your behalf based on the License Grant in our Terms of Use agreement.

In where its own customer registers are concerned, WebExercises acts in the role of data controller.

How WebExercises is prepared for GDPR compliance
On a general level our lawful base for processing personal data on your behalf is by a license or similar agreement based on which we deliver the WebExercises service to you. Access to the personal data we process on your behalf is restricted to situations where WebExercises personnel are required to provide, for example, technical assistance to you. All WebExercises personnel with access to personal data stored in our systems are subject to a non-disclosure agreement that extends also beyond the termination of their work contract.

In addition to using GDPR compliant storage systems, WebExercises:
• uses encryption of the data at rest with an AES symmetric block cipher;
• uses encryption of data in transit with TLS/SSL communications;
• does not allow third parties have access to the data;
• requires all our online customers to have a Data Processing Agreement (DPA) in place with us.
• business processes allow only a limited number of senior-level WebExercises technology staff access to the storage systems, for the purposes of technology maintenance.

 

How WebExercises manages data with 3rd party processors

Provider data:

WebExercises utilizes Authorize.net to process and store credit card information.

Provider First name, Last name - Authorize.net, Mail Chimp, Zoho

Provider email address - Authorize.net, Mail Chimp, ZenDesk, Zoho

Business name - Authorize.net, Zoho

Business Address - Authorize.net, Zoho

State - Authorize.net, Zoho

Postal Code - Authorize.net, Zoho

Country - Authorize.net, Zoho

Provider Client data:

First name, Last name - n/a

Email - Mail Chimp

GDPR includes your right to be informed about the data we hold about you and your right to be forgotten – meaning the deletion of your personal data from our registers – under certain conditions. Please be aware that under GDPR you also have the obligation to inform us about any changes in your personal data and to rectify inaccurate information about you that comes to your attention.

WebExercises will comply with requests from its customers to help fulfil their legal obligations. This might include providing assistance by giving information about data types and categories processed by us, or by providing background information on the way data is secured within our system.

Please direct any questions you have to WebExercises regarding our GDRP policies and compliances to legal@WebExercises.com.

    • Related Articles

    • WHAT IS WEBEXERCISES RX MEMBER PRICING?

      WebExercises Rx Member pricing is our interactive patient Exercise Prescription platform. As WebExercises Rx Member you receive 20% off Academy courses and discounts on select affiliate courses.
    • Steps to Access Course - WebExercises Rx Member

      Here is the direct link to the site: https://webexercisesacademy.com/   Choose a course you want to watch. Select the WebExercises member option from the drop-down list. Login to enroll (use your WebExercises log in credentials) Select the course ...
    • How does PostureScreen Mobile work with WebExercises?

      When you sign up for a WebExercises Professional account any exercise programs created within PostureScreen will sync or be "pushed" into your online WebExercises account. This will allow you to then progress your patients with more challenging ...
    • How many exercises does WebExercises have?

      WebExercises has over 3,000 exercises with video demonstration. These exercise range from post surgical to functional training. We continually update our exercise database throughout the year based on research and current exercise trends. If we don't ...
    • WebExercises Demo & Overview