The GDPR is ensuring privacy, and so are we.
On May 25, 2018, a new landmark privacy set of rules called the General Data Protection Regulation came into force in the European Union. We are here to help our customers comply with GDPR through our robust privacy and security failsafes.1
You may have been caught in the buzz around GDPR compliance. If you’re asking yourself: “What does this mean?”, relax, you’re not alone. We know the topic can be confusing and we’re here to break down what GDPR is and how it will affect your business.
What is the GDPR?
The General Data Protection Regulation (GDPR) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to improve data protection for all individuals within the European Union (EU).
The GDPR will replace the 1995 Data Protection Directive. The GDPR is the new Europe-wide set of rules governing the use and handling of individuals’ personal data. You can read the full regulation here.
It has 3 goals:
- Standardizing European data protection regulations.
- Giving citizens control over how their personal data is used.
- Making sure that companies are aware of their responsibilities regarding personal data.
Prospect.io is aware of new GDPR requirements and restrictions, and will be fully compliant with GDPR when it comes into effect on May 25, 2018.
Does the GDPR apply to you?
If you collect or process the personal data of any European citizen, regardless of the country in which your company is based, the GDPR will affect your business.
The GDPR has also eliminated the distinctions between various types of businesses — including B2B, B2C, for-profit, and nonprofit — meaning the law applies equally to all organizations that process the personal data of European citizens.
How does the GDPR affect privacy law?
One of the main goals of the GDPR is to extend the rights of European residents in regards to the handling of their personal data. This can be summarized as follows:
- More access and control over the storage and processing of personal data for consumers;
- A tighter definition of consent and personal data;
- More transparency regarding the use of their personal data once it has been collected
The GDPR has also created new rights of access and data protection for “data subjects”:
- Right to rectification: The data subject may request that their personal data be updated or corrected.
- Right to be forgotten: The data subject may request that their personal data be permanently deleted.
- Right to portability: The data subject may request that their personal data be sent to another organization or competitor.
- Right to object: The data subject may object to specific types of processing or uses of their personal data.
- Right of access: The data subject has the right to be informed of any and all of their personal data that has been collected, as well as its intended use.
Where can I learn more about the GDPR?
Everything you might want to know about GDPR is available on the EU GDPR Information Portal.
How can I sign your DPA?
We have added a Data Processing Addendum (DPA) to our Terms of Service. Please mail us at firstname.lastname@example.org to get a copy of our new DPA. Then, please review, countersign, and return it to us.
Does GDPR Affect Cold Emailing?
The GDPR does not outlaw the use of cold emailing, as long as the emails you are sending are directed to people who will find their content useful. Certain requirements also need to be fulfilled nonetheless:
- The topic of the email must be clearly identified.
- There must be a clear way to opt out from future emails.
- A genuine physical address must be included in the email.
- The sender must be clearly identified.
How Did Prospect.io Get Ready for the GDPR?
At Prospect.io, trust is our #1 value and nothing is more important than the success of our customers and the protection of our customers’ data.
Familiarize ourselves with the regulation and attend legal training sessions DONE
The whole team has attended a training session regarding GDPR.
Nominate a Data Protection Officer DONE
We have nominated our co-founder & CTO: Jean-Baptiste Escoyez.
We have updated our terms and conditions in order to ensure GDPR compliance.
Review our app and identify the functionalities that need to be included, adapted or removed DONE
We worked on Prospect.io to make it GDPR-friendly (e.g. better export of data, exclusion lists with minimum amount of data, …)
Review all suppliers and ensure their compliance with GDPR DONE
We contacted all our suppliers who process personal data in order to ensure they are GDPR compliant.
As Data Controller
We are data controllers when we process data we collect from our customers.
- Ensure all accesses and processes minimize access to personal data DONE
- Ensure that the personal data of Prospect.io users is well protected and that the collection complies with GDPR DONE
- Implement changes in the app in order to comply with the regulation DONE
As Data Processor
We are data processor when we process data belonging to our customers.
- Ensure all data related to a prospect is deleted when you delete one from your lists DONE
- Ensure that prospects who do not want to be contacted anymore are permanently removed from your lists DONE
- Help our users understand GDPR regulation and the impact on email prospecting DONE
How Can You Comply with GDPR?
As a Prospect.io customer, there are a few things you should do. Consider these tips:
Learn how to rectify and delete your contacts’ information
The right to access, modify and delete data is one of the key points of the GDPR. Find out how to delete contacts or modify their information.
Delete the contacts and lists you no longer need
Another main objective of the GDPR is to minimize the risks of data breaches or leaks and prevent the misuse of European residents’ personal data.
This is why it is better to delete all of your contacts who are inactive or those who have unsubscribed from your communications already. If you are not using this information, then it is more advisable to discard it altogether.
Consult with your legal counsel
The information on this page is designed to help prepare Prospect.io users for the GDPR in the context of our services and should not be taken as legal advice. Additionally, there may be parts of the legislation that affect other aspects of your business as well.
We recommend you seek qualified legal counsel to determine what compliance measures you need to carry out to be fully compliant with the GDPR.
If You Have Further Questions,
Please Contact Us
- Please note: this page explains the impact of GDPR on the use of Prospect.io only and is not applicable for any other aspects of your business. It should not be considered as legal advice