# ActiveNow and GDPR Since 25 May 2018, GDPR has been in force across the European Union, setting out the rules for personal data protection. As a school, you collect and process your clients' data — ActiveNow helps you do it in full compliance with the law. ## What is GDPR? Since 25 May 2018, the European Union has enforced regulations on **privacy and personal data protection**. Every business must obtain consent from its clients before collecting, storing, or processing their data in any way. Clients have the right to **view, edit, and transfer** their personal data, as well as the right to have it **permanently deleted** from a company's database. ## Data controller vs. data processor From a legal standpoint, the new regulations distinguish between two roles: 1. **Data controller** — the owner of the data; the entity that collects data from its clients, and determines and communicates why and how it is processed. 2. **Data processor** — an external party working on behalf of the controller, supporting its operations. In the context of ActiveNow and its work with schools: 1. **The school remains the data controller**, collecting client data for necessary administrative purposes. 2. **ActiveNow** acts as the **data processor** in this relationship. ## GDPR and client rights GDPR grants consumers four key rights. They can: 1. **view** the data a company holds about them, 2. **edit** their data if it is incorrect, 3. **transfer** their personal information at any time, 4. request the **right to be forgotten** — permanent deletion of their data from the company's database. ## How ActiveNow supports GDPR compliance In line with the rights established by GDPR, **ActiveNow** users (including parents and instructors) can: 1. **view** their data in the system and verify it is correct, 2. **update** their data to keep it accurate, 3. **export** their information in digital form when needed, 4. **delete** their account and be **forgotten** if they end their relationship with the school. In an era where **data security comes first**, physical registers and Excel spreadsheets are a less reliable option than a digital database protected by professionals. We're committed to giving our clients full **control** over the data they've entrusted to us. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://help.activenow.io/en/getting-started/activenow-and-gdpr.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.