Delta Chat offers Privacy by Design
- Confidentiality: End-to-end encryption by default.
- Data minimization: No alignment or uploading of the address-book content.
- Data avoidance: No Delta Chat server, no processing of personal data.
The GDPR and Delta Chat
The current status reflects Delta Chat and GDPR ( 16.05.2018).
By providing user-friendly end-to-end encryption, Delta Chat implements the requirements of the Data Protection Regulation in terms of Privacy by Design.
No need to obtain consent to process the address-book-data from the data subject, article 7 GDPR.
Delta Chat is processing no personal data carried out on the controller’s behalf and requires no instructions from or contract with the controller.
The controller is not obliged to provide the direct or indirect data subject with information regarding the collection of address-book-data, article 13, 14 GDPR.
By not processing any messenger data in particular, there is no need for carrying out a data protection impact assessment, Article 35 GDPR. Remaining risks to the rights and freedoms of natural persons are generally limited to the communication data processing of the controller and the email provider.
The inclusion of Delta Chat’s privacy measures into the record of processing activities can have a positive impact on eventual evidence documentation, (article 30 GDPR) as well as on the data protection certification process, Article 25 (3), 42 GDPR.
With Delta Chat, maintaining a record of processing activities linked with the messenger-communication then focuses on the record of information about the email-provider activities, Article 30 (2) GDPR.