GDPR Compliance

The EU recently approved the General Data Protection Regulation (GDPR) and will begin strictly enforcing it on May 25, 2018. GDPR was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens' data privacy, and to reshape the way organizations across the region approach data privacy.

In short, it will streamline data privacy across the EU, and put in place new privacy protections for EU citizens. The way that we are getting compliant as a US company is by becoming a Certified Privacy Shield Member. 

We created several new tools, forms, and support processes to help creators and their businesses get and stay compliant with the General Data Protection Regulation (GDPR).

 

New Features

You can now add 'Terms & Conditions' checkboxes to your forms and popups. This will be a required checkbox that your users will have to check before subscribing. You can also add a link to your terms page or privacy policy page here.

You can identify European subscribers and collect explicit consent from your existing EU subscribers. Using MailMunch's powerful segments and our brand new consent email templates, it's super simple to collect consent from existing subscribers.

Proof of Consent

You can see full proof of subscriber consent on the subscriber's page. It includes:

  • A timestamp of subscriber consent (time, date, location)
  • The source of the opt-in (website, social media, etc.)
  • IP Address of the subscriber at time of opt-in

Double Opt-In

The double opt-in process includes two steps. In step 1, a potential subscriber fills out and submits your online signup form. In step 2, they receive a confirmation email and click a link to verify their email address, which is then added to your MailMunch list.

 

Forms and Assistance

Data Processing Agreement

Our Data Processing Agreement (DPA) offers contractual terms that meet GDPR requirements and reflect our data privacy and security commitments to our customers. Each customer processing personal data on behalf of EU/EEA individuals is now able to sign this agreement here.

Right to be Forgotten

Under GDPR, each of your subscribers in the EU has the right to erasure (or the right to be forgotten), meaning they can contact you and we will delete all of their personal data from our systems. You can initiate this process on behalf of your customers here.

GDPR Audit Concierge

Getting an audit notice can be a scary process as you try to get all the necessary data together. If that happens to you, we want you to know we have your back and will get you any data we have that can help you comply with the audit. Just fill out this form to get in touch with our audit concierge team.

Privacy Shield Certified

We have filed for our Privacy Shield Certification so that we are able to process data in compliance with EU regulations.

 

Questions?

If you have questions on how best to implement these new features, drop us an email at [email protected] or contact us.
