Data privacy and security
We take your company and employees’ data privacy and security seriously. In our commitment to transparency, we have made all relevant information easily accessible and happy to answer any questions you may have.
Data processing
Reaction follows GDPR and HIPAA guidelines for data processing. Companies can begin using Reaction without initially providing any employee data. When sharing the invitation link or QR code with end-users (employees), each one registers independently on the app. During this process, each end user is required to agree to our terms of use, privacy policy and confirm a health statement.
Data we collect from the end-user (employee):
- Phone number (login verification)
- Full name
- Profile picture (optional)
- Activities data – for example steps (optional)
End users can delete their data directly from the app by visiting the ‘Settings’ tab or by sending an email to DPO@reaction-club.com
Reaction does not sell any data to third-party companies
Subprocessors
Reaction’s sub-processors are industry-leading companies. We work with sub-processors in order to provide our customers with an excellent product and great customer experience while keeping accounts’ data safe and secure. Our main subprocessors
AWS
Cloud infrastructure. Our servers are located in Europe and the USA
Twilio
Login verification and text message provider
xoxoday
We use xoxoday to provide gift-cards
Frequently Asked Questions
Yes, simply send a request to hello@reaction-club.com using the email and phone number associated with your company account. We will promptly remove all data from our system and confirm the deletion via email.
Yes, the data is encrypted at rest
Yes, we take every precaution to secure data; however, if a breach were to occur, we would promptly notify our customers and users
You can email dpo@reaction-club.com or book a demo and include a description of your request in the notes section. This will help us connect you with the right people from our team