GDPR Compliance

April 13, 2018 | 4 min read

Last Updated: 23/04/2018

 

In May 2018 new regulations will come into place that create a new standard for how companies use personal data.

Naturally, as a business supporting sales teams across the EU, we take privacy concerns very seriously and we are fully committed to being compliant with all regulations.

To help you better understand the impact of GDPR, this article outlines what changes UpMail is making to reach compliance and ensure all personal data processed by UpMail is safe and secure.

 

What exactly is GDPR?

 

The GDPR stands for the General Data Protection Regulation, a recent EU law that ensures all EU countries follow similar regulations when it comes to data privacy. The aim of this policy is to protect the data of EU citizens, giving them more control over how organisations use their data. This means companies now face regulations on what data they can use and how they can it.

UpMail as a data processor

 

Users that upload data to UpMail and use it in their email outreach are considered data administrators. By entrusting us with this data, UpMail is considered a data processor.

In essence this means by using the UpMail app you as a customer are granting UpMail access to your data. This relationship is laid out in our Terms of Service.

Additionally UpMail acts as an data administrator for the personal data we have on our users through our app, website and email list subscriptions.

How does this affect data protection?

 

As the data processor it is required by UpMail that all personal data, including that of users and subscribers is processed in a lawful, fair and transparent way. More specifically this means communicating openly and clearly to all users how their data is processed and for what purposes, as specified in our Terms of Service and Privacy Policy. We will always inform all users and those subscribed to our email lists if any third-party service providers have access any of their personal data.

The GDPR establishes strict rules on what data can be processed. UpMail will only process user data for our legitimate interests that are laid out in GDPR Article 6 (1) (f). Data is held on users that have a UpMail account (both trial and premium) and for those subscribed to our email list.

As an data administrator, you own your personal data and have the right to ask UpMail to change any personal data stored. This can be done by logging into your account, choosing ‘My Settings’ from a drop-down menu in the top right corner and click on ‘Profile’ tab.

Data administrators also have the right to request any personal data be deleted from Upmail by contacting our support team on support@upmailsolutions.com.

As an email subscriber, personal data held by UpMail can be changed by following the link  ‘update subscription preferences’ included in all emails sent via mailchimp. You can also easily unsubscribe to any list by following the unsubscribe link at the end of every email.

Data administrators, or users of UpMail are also obliged to follow these same principles of transparency. When accessing personal data it must be for legitimate reasons that fall in line with GDPR regulation. You must also ensure that all personal data stored is accurate and up-to-date.

Storage

 

We have established a process for ensuring we follow GDPR regulations when it comes to storing personal data securely. UpMail will only store personal data for as long as it is necessary for the purposes of using the UpMail app.

As an administrator, you are required to keep only data for as long as it is necessary for your purposes. For example when launching a prospecting campaign you should only keep personal data for as long as you are in communication with those you have contacted. You must also ensure you are storing personal data securely and not sharing it with third parties without prior consent.

 

What is UpMail doing for the GDPR?

 

Completed:

  • We’ve educated our whole team on all things related to GDPR compliance, keeping everyone up-to-date with the latest regulations
  • A Data Protected Specialist, Antoine Asselin, CEO and Founder of UpMail has been nominated to lead all our GDPR compliance effort
  • Our tech team have compiled a list of all in-app areas that need to be modified in line with GDRP regulations.
  • The marketing department has put together a list of all changes that need to be made to the blog and website to maintain GDPR compliance.
  • A system has been put in place to ensure all personal data belonging to users and email lists subscribers is safely secured and protected.

 

In progress:

  • The Legal team will be making changes to our Privacy Policy and Terms of Service to reflect our commitment to GDPR compliance.
  • The tech team have been busy building new in-app features to make sure UpMail users comply with GDPR when sending emails through our app. This will be completed by the time GDPR comes into affect.
  • All changes to the website and blog will be implemented to ensure GDPR compliance
  • All 3rd part vendors are being reviewed to ensure they are following GDPR regulations. We have DPA in place for a number of our vendors and for the remaining number this will be part of their Terms of Service on May 25th.
  • We will be adding a pseudonymisation to protect any users’ data and increasing our level of security. Don’t worry, it won’t affect the way you send emails, we are just making sure the personal data of UpMail users and email lists subscribers are well-protected.

As part of oGDPR compliance efforts we will also be sending out further resources to all our users to keep everyone informed, on a regular basis, on how GDPR impacts their email outreach.

For further help please email support@upmailsolutions.com.