Such an agreement describes, for example, how you will use contact data and for what purpose, that the processor is responsible for all technical and organizational security measures, that the processor provides assistance in reporting data leaks, etc. There is a good chance that your current agreement does not comply with the GDPR and that you will have to conclude a new one with your ESP.
8. How many processing agreements do you need to conclude if you have linked software to your CRM system or your webshop?
This depends entirely on how the connection is established. If you have a connection that directly synchronizes data with your email marketing, then the connection itself does not require an additional processor agreement. This does not apply to connections that are provided as a service by a third party. The point is that personal data ends up in your email marketing software via this third party. You are then dealing with an additional processor according to the GDPR.
In these cases, you conclude an additional processor agreement with the organization that provides the connection as a service. And don't forget to also conclude an agreement with the supplier of your CRM software or your webshop software. After all, these suppliers are also processors.
Avg and email marketing
As soon as a third party has or gains access to your stored personal data, you need permission from the persons concerned and you must conclude a processing agreement with that third party.
Suppose you want to use Facebook Custom Audiences korean phone number whatsapp or Look a like Audiences . You provide email addresses to Facebook in order to place targeted advertisements on the timeline of a specific target group. The GDPR states that you need permission from the persons in question to provide their email address and you must conclude a processing agreement with Facebook.
10. How do you, as an email marketer, ensure that you are GDPR compliant from 25 May?
By listing all the points you need to pay attention to. And there are quite a few. For example, you need to critically review your processor agreements and if you work with an ESP, you (as the controller) are obliged to check and assess whether your ESP has taken appropriate technical and organizational measures to protect the stored personal data.
In addition to the right to be forgotten, the right to information, objection and rectification also play a role in e-mail marketing. As soon as a contact wants to use such a right, you must serve this person quickly and easily.
Be transparent!
But that's not all. You also need to make sure that you are transparent about your email marketing activities in your privacy statement . Transparency is important for the GDPR anyway. Ultimately, you need to be clear about all the measures you have implemented to be GDPR compliant.
Is retargeting of my email list still possible?
-
- Posts: 26
- Joined: Sun Dec 22, 2024 6:24 am