GDPR Compliance

What is GDPR?

The European Union (EU) passed a set of laws that enhance the protection of the personal data of EU citizens called the General Data Protection Regulation (GDPR) in 2016. It went into effect on May 25, 2018, and changed how companies can interact with personal data from EU citizens. The new set of rules strengthens data privacy and security for individuals within the EU. GDPR also outlines harsh penalties for violations of this legislation.

FrescoData is focused on maintaining GDPR compliance. Because of these changes, we have created new systems that use personal data from EU citizens in a compliant way. We have taken the main areas of interest from the legislation and discussed how FrescoData is compliant with applicable law.

Consent

With GDPR, personal data from EU citizens can only be processed if an individual has given explicit consent. Clear and concise language must be used in the consent process. Consent must also be obvious and easy to understand for individuals as well.

At FrescoData, we work closely with our data providers in EU countries to ensure they have taken measures to secure personal data information in compliance with GDPR. We are tackling consent by moving to a double opt-in subscription system for our email lists. Double opt-ins force individuals to confirm their email address before receiving email communication from a company or individual. This type of opt-in in email marketing is how we maintain consent compliance under GDPR.

Security

Under the GDPR, personal data cannot be transferred outside of the EU. FrescoData already complies with this approach to email marketing.

• Here is an outline of our process: Company A wants to send email marketing to their target market in Germany.
• They contacted FrescoData to set up this campaign on their behalf
• Using an API, we connect to data lists from Germany to send out the campaign

In this scenario, neither FrescoData nor Company A sees the personal data targeted for the email campaign. The FrescoData partner in Germany securely maintains this information. The only way Company A can obtain the personal information of someone from that list would be if an individual responded to their campaign, consenting to share their personal information with Company A. This process allows FrescoData and the companies it works with to send email campaigns to individuals in EU countries, while also keeping personal data safe within its country of origin.

Right to be Forgotten

GDPR allows individuals to gain more control over how their data is collected and used. Individuals now need to be able to access, update, or remove it if they wish. FrescoData takes a practical approach to meet this standard. We include unsubscribe links in all our email marketing campaigns, which individuals can click to opt out of communication with FrescoData and any affiliates. It allows EU citizens to feel confident that they have a choice in receiving email marketing from FrescoData.

FrescoData manages consent compliance by introducing double opt-in features to our subscription process. We are only moving personal information in its country of origin. Plus, we offer steps to edit, update, or remove personal data from our email lists. FrescoData is committed to maintaining GDPR compliance.

For more information about GDPR, you can read the full text here. You can also learn about the legal terms in the provision here.