What is GDPR?
The General Data Protection Regulation (GDPR) is an EU regulation designed to equalize data privacy laws in Europe and enforce privacy regulations. It is designed to better protect your user’s privacy and reshape how organizations should handle personal data.
How does Mailcoach comply with GDPR?
Mailcoach is fully committed to complying with the GDPR. All of our infrastructure is hosted within the EU / EEA by companies owned within the EU / EEA. We have taken appropriate security measures on a technical and organisational level to ensure the security of any personal data. We also sign Data Processing Agreements with all of our service providers.
Does it apply to me?
If you have customers in the EU, the GDPR will likely affect you in some way.
Data Processor (Mailcoach)
Mailcoach’s services may be used only for lawful purposes. Transmission, distribution, or storage of any material in violation of any applicable law or regulation is prohibited. This includes, without limitation, any material protected by copyright, trademark, trade secret, or other intellectual property right used without proper authorization, and material that is obscene, defamatory, constitutes an illegal threat or violates export control laws.
(Ab)use of Our Service
Mailcoach acts as a data processor, meaning we process data on your behalf. Mailcoach allows you to store personally identifiable information such as first name, last name and email addresses.
In most cases, the data held and collected by Mailcoach itself does not contain any user-identifiable data. However, in your usage of the service, you’ll collect personal data by uploading or adding email list subscribers. Make sure this data complies with the GDPR.
Mailcoach provides numerous ways to help you comply with the GDPR:
- Double opt-in on email lists
- Tracking is off by default
- Individual/personal tracking and email data is only kept for 30 days
- Bounces & spam complaints are automatically unsubscribed from the list.
Data Controller (You)
As a Mailcoach customer, you typically act as a data controller. This means you determine if, why, and for how long data will be stored on our service. It is your duty as a controller to demonstrate the same level of GDPR compliance as is expected.
Data Processing Agreement (DPA)
If you’re a customer and would like to sign our DPA, you can download it here, sign it, and send it back to privacy@mailcoach.app.