The EU's General Data Protection Regulation (GDPR) provides customers with control over their personal information that businesses store and handle, without trade-offs.
Chargebee as a Data Controller
To fulfil legal obligations under GDPR, as a data controller, we have performed the below steps:
Data Categorization and Analysis, to track the flow of personal data through our systems.
Data Retention - By establishing an automated data retention mechanism, we clear the customer’s Personally Identifiable Information (PII), and all end-user data from our databases, within a period of 120 days.
Consent Mechanism - we collect consent from our customers wherever it’s applicable, and also provide an easy way to withdraw it.
Chargebee as a Data Processor
To aid the Chargebee users to be GDPR compliant, we provide
Consent Management: This feature allows you to obtain and revoke explicit consent from your customers and manage it within Chargebee. More on this here.
Personal Data Management: Chargebee gives you full control over how personal data of your customers is retained on our systems or erased from it. More on this here.