The EU recently approved the General Data Protection Regulation (GDPR) and will begin enforcing on May 25, 2018. GDPR was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.
In short, it will streamline data privacy across the EU, and put in place new privacy protections for EU citizens. The way that we are getting compliant as a US company is by becoming a Certified Privacy Shield Member.
We created several new tools, forms, and support processes to help creators and their businesses get and stay compliant with the General Data Protection Regulation (GDPR).
1. Consent Checkboxes
Learn more: GDPR: Add Consent Checkbox to Forms
2. Identify EU Subscribers and Get Consent
You can identify European subscribers and collect explicit consent from your existing EU subscribers. Using MailMunch's powerful segments and our brand new consent email templates, it's super simple to collect consent from existing subscribers.
3. Proof of Consent
You can see full proof of subscriber consent on the subscriber's page. It includes:
- A timestamp of subscriber consent (time, date, location)
- The source of the opt-in (website, social media, etc.)
- IP Address of the subscriber at time of opt-in
4. Double Opt-In
The double opt-in process includes two steps. In step 1, a potential subscriber fills out and submits your online signup form. In step 2, they'll receive a confirmation email and click a link to verify their email, which is added to your MailMunch list.
Forms and Assistance
1. Data Processing Agreement
Our Data Processing Agreement (DPA) offers contractual terms that meet GDPR requirements and reflect our data privacy and security commitments to our customers. Each customer processing personal data on behalf of EU/EEA individuals is now able to sign this agreement here.
2. Right to be Forgotten
Under GDPR, each of your subscribers in the EU has the right to erasure (or the right to be forgotten), meaning they can contact you and we will delete all of their personal data from our systems. You can initiate this process on behalf of your customers here.
3. GDPR Audit Concierge
Getting an audit notice can be a scary process as you try to get all the necessary data together. If that happens to you, we want you to know we have your back and will get you any data we have that can help you comply with the audit. Just fill out this form to get in touch with our audit concierge team.
4. Privacy Shield Certified
We have filed for our Privacy Shield Certification so that we are able to process data in compliance with EU regulations.