Privacy made easy
Checklist: Send out GDPR-compliant newsletters
What you should know and implement regarding the EU General Data Protection Regulation (GDPR) and your email marketing.
Companies inside & outside the EU
- Companies in the EU: The GDPR applies to everyone and thus also to companies that act from the EU as the person responsible or contract processor – irrespective of the location where the processing takes place. If the natural person whose personal data are processed does not work or reside within the EU or is a third-country national, this has no effect on the application of the GDPR. It applies equally.
- Companies outside the EU: The GDPR also applies to third parties and therefore also to companies that are not based in the EU but in a third country outside the EU and process data from persons located in the EU. If their data processing serves to offer goods or services – free of charge or against payment – to persons resident in the EU or to observe and evaluate their behavior, these companies are also subject to the regulations of the GDPR. The behavior is observed and evaluated, for example, by using profiling techniques to analyze or predict personal preferences, behaviors and attitudes, which are queried, for example, when sending newsletters in online marketing. But there is no reason to panic. All companies (also outside the EU) that use our CleverReach® software for their online marketing fulfill the requirements of the GDPR.
Email Marketing Software
You need a contract for order data processing with your respective service provider in accordance with the new legal situation. From May 25th on, you are also obliged to document to whom you pass on personal data. The good news: As a CleverReach customer, you will have the opportunity to digitally update the GDPR-compliant new conclusion of your order processing contract with us by this deadline! Watch out for a respective mail including a link in your mailbox.
If you have any further question, please contact our support.
Address data base
To be allowed to continue using email addresses you’ve collected so far, you should check whether these “old” consents meet GDPR criteria.
If not, rectify and obtain consent again if necessary.
FAQ: Questions on GDPR
- Further information and guidelines on GDPR – and especially on email marketing – can also be found in an interview with our Chief Legal Officer Konrad Frerichs.
- We haven’t answered all your questions? Have you encountered problems, conflicts, doubts about certain processes or interfaces during the implementation of the new data protection regulations regarding your newsletter marketing? We regularly update our customers GDPR FAQs.
Question: What does a newsletter registration form have to contain in the future to be GDPR-compliant?
Question: Does a link with the data protection declaration have to be displayed in the form and/or actively confirmed via a tick?
This is hard to generalize, as each customer has different requirements. Accordingly, we cannot provide standard texts. From our point of view, however, the following information should be part of the declaration:
a) Exact, transparent and easy-to-understand explanation of what happens to the data (where they are stored, that CleverReach has been commissioned as a service provider and an agreement on order data processing exists)
b) The exact purpose and type of data collection
c) right of withdrawal
d) Storage time and location
e) Right to obtain information on data and deleting/blocking