While the whole of Europe seemed to be taken by the GDPR (General Data Protection Regulation) frenzy in 2018, we welcomed it at TAUS. We always knew that data are the key to process improvements, quality control, and automation, but that it doesn’t have to come at the cost of misusing personal data.
When companies and individuals use TAUS DQF API, DQF plugins and the DQF Dashboard, they act as the data controllers, data processors and sometimes as data subjects. Let’s look at how a translation performance tool like DQF Dashboard defines these roles and handles personal information.
Who is Who in DQF?
The companies that enable the DQF tracking in a CAT tool/TMS are data controllers, as they determine the purposes, conditions, and means of processing personal data. Everyone else involved in the translation workflow, including TAUS, translators, and reviewers acts as the data processor, as they process the personal data on behalf of the controller.
In DQF, translators and reviewers also become the data subjects, as their name and email address are being collected during the translation process. Sometimes, translators and reviewers can process personal data of other data subjects as part of their translation tasks.
As the data processor, TAUS fulfills the obligation toward the data subjects.
Which Personal Data is Collected and Processed in DQF?
In order to identify the DQF user and show them their performance reports after the project completion, DQF collects email addresses and passwords. If you are purchasing DQF credits, we ask you to provide your name and billing details in order to process the payment. No other personal data is collected.
How Does DQF Comply with GDPR?
The rights to consent, data access, correction, deletion, and portability are treated with utmost importance within TAUS DQF:
- Consent - user explicitly agrees to data processing through the DQF service by enabling the DQF feature in their CAT/TMS and, in most cases, the users need to log in to be able to use the DQF plugin.
- Data access, correction, deletion, and portability - all personal data can be accessed and extracted in MyTAUS, modified and deleted directly by the user. Moreover, if the user (data subject) hasn’t returned a month after deletion to re-activate the account, the data is permanently erased from the database.