Disclaimer: The information presented herein should not be taken as legal advice. We recommend that you seek legal advice on what you need to do to comply with the requirements of GDPR.
What is GDPR?
GDPR is an EU-wide privacy and data protection law that gives individuals more control over their personal data. It applies when anyone processes the personal data of EU residents, regardless of the location of the person/entity performing the processing.
The GDPR is relevant to any globally operating company and not just EU-based businesses and EU residents. Our customers’ data is equally important no matter where they are located
GDPR will take effect on 25th May 2018.
If your business is based in the European Union (EU), or you process the personal data of EU citizens, the General Data Protection Regulation (GDPR) affects you.
GDPR will impact Apps Mav customers and the participants/members to their campaigns. Below you will find an overview of how we are working to become fully compliant, and how we are helping you launch GDPR compliant campaigns and promotions.
What actions do I need to take to run GDPR compliant campaigns?
As an Apps Mav customer that is in the EU or collects data from users in the EU, you need to run GDPR compliant campaigns. Here are some actions you will need to be ready with:
- Audit your systems as well as the vendors you use for GDPR compliance
- Ensure you have the proper methods in place to respond to requests for data access, right to be forgotten, data modification, and proof of consent.
- Ensure that you are obtaining explicit consent when collecting participants’ data. We have made changes to the sign-up form to be GDPR compliant. Be sure you activate them. These can be found in ‘Campaigns’–> Click on your campaign title→ ‘1. Settings’–> ‘General’ → ‘Sign up form (or ‘Lead form’)’
This list is by no means exhaustive. We recommend that you seek legal advice on what you need to do to comply with the requirements of GDPR.
Here is a quick summary of changes we have made :
- We’ve appointed a Data Protection Officer
- You can always contact us directly via email@example.com to discuss any specific GDPR or privacy related concerns
- New Data Processing Agreement: Since we store data in the USA (in an EU Privacy Shield-Compliant facility)
- Requiring explicit consent: We have improved the campaign signup forms to be GDPR compliant
- Right to be forgotten: We have always been committed to this. We allow anyone to request for their account or data to be deleted. For campaign owners, if you face any difficulty or have any concerns with deleting user details, please email us at firstname.lastname@example.org and we will promptly help you with your user’s requests
- Helping you to respond to requests for data access, data modification, and proof of consent.
- Helping you to understand the 3rd parties that we have data processing agreements with (E.g. MailChimp)
- On passing only consented information to third-party platforms that we provide integration with (E.g. MailChimp, Aweber, Campaign Monitor, and ConstantContact)