On May 2018, a European privacy law, the General Data Protection Regulation (GDPR), is due to take effect. The GDPR imposes new rules on companies, government agencies, non-profits, and other organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents. The GDPR applies no matter where you are located.
dotmailer has extensive expertise in protecting data, championing privacy, and complying with complex regulations. We believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights. We want to help you focus on your core business while efficiently preparing for the GDPR.
We are committed to our principles of cloud trust, data protection, and data security. We intend to provide platform functionality to address the privacy demands of our customers. As the GDPR enforcement begins, here is what else you can expect from us:
- Technology that meets your needs – You can leverage our specific platform functionality to meet your GDPR obligations for areas including deletion, rectification, transfer of, access to and objection to the processing of personal data.
- Contractual commitments – Relationships with dotmailer are supported by contractual commitments for our services, including security standards, support and timely notifications in accordance with the new GDPR requirements.
- Sharing our experience – We will share the information that we gather through various Data Protection Authorities and other reputable organizations so you can adapt what we have learned to help you craft the best path forward for your organization.
While dotmailer is fully committed to helping you successfully comply with the GDPR, it is important to recognize that compliance is a shared responsibility. New requirements – like greater data access and deletion rules, risk assessment procedures, a Data Protection Officer role for many organizations and data breach notification processes – will mean changes for your organization. When it comes to GDPR compliance, it’s not just European organizations that are affected, but also those outside of the EU who process data in connection with the offering of goods and services to, or monitoring the behaviour of, EU residents. As such, it is important to understand your obligations related to GDPR regardless of where your organization resides.
It will take time, tools, processes and expertise for you to comply with the GDPR. To do this, you need to make changes to your privacy and data management practices.
We want to make it really easy customers to comply with GDPR regulations. You'll start seeing changes soon. In the meantime, you can keep an eye on our roadmap to see the things we're working on.
We understand that you must be able to entrust your chosen email and automation provider with one of your most valuable assets - your data. To gain that trust we continue to invest in technology and resources to build security and privacy into our platform. We operate a policy of transparency and aim to provide you with the information you need to feel confident in using us. You can view the full details on our Trust Center.
- GDPR Webinar
- What is the GDPR Anyway? (blog post)
- A list of GDPR resources.
- Changes to how you export and delete contacts in advance of the GDPR