Question
Hello!
We are a startup in the 3D Printing sector. As part of our services package, we are offering our customers a highly-interactive online community to share and collaborate on 3D Printing designs and development. What do we have to pay attention to regarding the protection of our customer's personal data?
We appreciate experiences from legal as well as technical perspectives!
As a startup, high efficiency in cost and operability is crucial. We would like to operate globally, so suggestions from any country are welcome!
Answers: 2 public & 0 private
First question, what kind of personal data will you be collecting? Do you have a disclaimer in place for your terms of use? What kind of standards and controls do you currently have in place for folks to participate? How is the data being stored? Who audits the controls?
If it's just an online community, I can't imagine sensitive data being housed. Can't they sign in anonymously?
Keep in mind, that websites that houses SSN, CC#, IPs and birthdates, have a higher risk of breach, than an online community. My suggestion is to have folks agree to Terms of Use before they participate, outlining that personal information is not encouraged to be posted in the online chat and that your organization is not responsible for data stolen if they don't adhere to guidelines. In the end, it's all protecting not only your customers, but your brand equity as well.
Recent questions
I am looking for ...
3 6114 2