GDPR comes into effect starting 25th of May 2018 and you should be prepared for it.
We don’t provide legal advice, you should consult your legal advisor regarding the way you conduct your business and what you should do to comply with GDPR.
GDPR has a few main principles, below we show them and also show how MailBul helps, as follows:
1. For customers inside your MailBul application:
A. Right to Access/Rectification
Your customers can always access their account information from their account area, from where they can edit it accordingly.
B. Right to be Forgotten
Your customers can close their account at any time from their account area.
C. Data Portability
Your customers can export all their information, such as account info, email lists, campaigns, subscribers, stats, etc, from within the application.
D. Privacy by Design
MailBul does its best to keep the customer information safely. You can create user groups in order to decide what person access what resource from the application.
E. Age Requirements
When customers register, they are required to enter their birth date in order for you to know if their age meets the legal requirements which might vary. MailBul’s default is set to 16 years, but you can adjust it from the Registration settings.
F. Breach Notification
In case of a data breach on your site you have to notify your customers immediately if they are affected. You can send a mass email for this purpose.
2. For subscribers inside your MailBul application:
A. Obtain Consent
You must insert a required consent checkbox in your subscribe forms, unchecked by default, where you ask your subscribers the consent for sending them emails periodically and only add them to the list if they consent.
You should always enable double opt-in for your email lists so that your subscribers clearly consent they want to be added to your lists.
B. Right to Access/Rectification
Your subscribers, can at any time, update their profile information by following the link you include in the email footers. The tag that does this in MailBul is [UPDATE_PROFILE_URL].
Subscribers might as well contact you directly in order to have their data corrected/removed and you should fulfil their request.
C. Right to be Forgotten
Your subscribers can unsubscribe at any time by following the unsubscribe link which you include in all email footers. The tag that does this is [UNSUBSCRIBE_URL].
D. Data Portability
You can export your subscribers info at any time from your MailBul application.
E. Privacy by Design
MailBul does its best to keep the subscriber information safely.
F. Breach Notification
In case of a data breach on your site you have to notify your subscribers immediately if they are affected. You can send a regular campaign for this purpose.
GDPR also applies to the existing subscribers you have and in case they do not meet the above requirements, you will have to send them a re-consent campaign to ask them if they still want to hear back from you and if they don’t, then remove them from your lists.
GDPR itself is a very complex topic, please make sure you get in touch with a lawyer related to how GDPR applies to the business you are running, in case you have any questions/doubts/etc.
While MailBul offers you the tools to be compliant, it is entirely up to you to do so.