Is LeadDelta GDPR compliant?
What is GDPR?
The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union (EU).
GDPR & LeadDelta
What LeadDelta does?
The mission of LinkedIn is simple: connect the world’s professionals to make them more productive and successful.
LeadDelta provides productivity tools for LinkedIn users to manage their network better. LeadDelta stands for Leadership and Delta it creates when deployed properly.
LeadDelta helps you collect your first-degree connections and within LeadDelta organize using filters, tags, notes, and other functionalities that improve professional relationships via LinkedIn.
The change and automation of user behavior (e.g. bots) does not contribute to the goal of LinkedIn and its network. Such services are not allowed on LeadDelta.
GDPR & LeadDelta – less technical
GDPR articles 13 & 14 require strict compliance. We are a Canadian business, not hiding in HK or Belize. We want to have an open discussion and build a sustainable business.
When you exchange a business card with a person, that business card can have email and phone on it or nothing at all. The same happens on LinkedIn. You connect with a 2nd-degree connection, and it becomes a 1st-degree connection.
Much like that business card, your first-degree connection can decide to share or not to share their contact info with you. If they decide to share their contact info with you it will be visible on your LinkedIn. It is permission to be connected and to communicate. LeadDelta does not do anything more than that.
If a connection shares contact information with you, it will be visible on LeadDelta and vice versa. The connections on LeadDelta are a mirror of your LinkedIn's 1st-degree connections (no 2nd or 3rd degree). We don't store any data out of LinkedIn...
If a connection requests a deletion from LinkedIn, it will be deleted from LeadDelta automatically. If you send a message initiated from LeadDelta, it does not get stored on LeadDelta. It goes through LinkedIn and is stored on LinkedIn.
GDPR & LeadDelta – more technical
GDPR articles 13 & 14 require strict compliance. There is no specific exemption for Article 13, however, Recital 62 does provide exemptions that may apply, for example ‘where the provision of information to the data subject proves to be impossible or would involve a disproportionate effort.' For Article 14 there is an exemption written into the Article (Article 14.5(a-d)) with a wider application. The wording from Recital 62 is repeated and the exemption is extended to include ‘[where the] obligation [to send Article 14 Notices] is likely to render impossible or seriously impair the achievement of the objectives of that processing.'
Our interpretation of the two sections, given that our data is a mirror of LinkedIn and the fact we don't locally store anything extra, is that it 'would involve disproportionate effort' and 'seriously impair the achievement of the objectives of that processing' trying to implement the notification system either to LinkedIn or directly with the data subject. After all, if we ever got the request to delete data, it would necessitate deleting it from LinkedIn first. We just mirror LinkedIn and have no ability to perform independent action.
Your LeadDelta team
P.S. See you on LinkedIn
Updated on: 04/11/2022