Loading...
GDPR Compliance 2017-09-18T14:55:07+00:00

WHAT IS THE GDPR?

The General Data Protection Regulation (GDPR) is an EU legislation that standardizes and strengthens data protection policies. It goes into effect on 25 May 2018.

Learn More

WHO MUST COMPLY?

The GDPR applies to firms located in the EU and firms outside of the EU that offer goods or services to or monitor the behavior of EU residents.

Learn More

WHY SHOULD I COMPLY?

The GDPR imposes administrative fines of up to €20m or 4% of worldwide revenue, whichever is greater.

Learn More

EMAIL PROCESSING RISKS

Watch a 120-second primer on how MailControl helps you become GDPR-compliant.

A SINGLE EMPLOYEE CAN PLACE YOUR ENTIRE FIRM AT RISK OF GDPR NONCOMPLIANCE

“In order to carry out the data processing activity consisting in retrieving from the recipient of an email, whether the recipient has read it and when and whether it has forwarded it to third parties, unambiguous consent from the recipient of the email is necessary. No other legal grounds justify this processing. Therefore, the data processing that is performed secretly is contradictory to the data protection principles requiring unambiguously given consent, laid down by Article 7 of the Data Protection Directive.”

Dr. Branskat, German DPA

“Before sending the first message with tracking pixels, the individual must be informed about the collection of personal data through this technology.” Also, transfer of the data to the U.S. Based tracking server requires adherence to either Privacy Shield or based on exceptions provided by Article 30 of law no. 677/2001, or under the standard contractual clauses or the binding corporate rules which needs an authorization by the supervisory authority (article 29(4) of Law no. 677/2001). In all situations in which the data controllers transfer data abroad, they have the obligation to inform the data subjects on this matter.”

Oana Luisa Dumitru, Head of International Department, Romanian DPA

“Since embedded hidden tracking pixels are not necessary in relation to the initial purpose for which personal data of the email recipient are processed and having in mind embedded hidden tracking pixels’ purpose, it should be concluded that the only legal ground for use of such pixels shall be data subjects consent as provided in Article 6 (1a) of the GDPR.”

Daiva Vyciniene, Head of Prevention Division, State Data Protection Inspectorate of the Republic of Lithuania

“Where terminal equipment storage is to be used or ‘web-bugs’ or ‘pixels’ are employed, specific consent under ePrivacy is required… Any personal data processing, including tracking, by the processing organisation for their own purposes will mean that the processing organisation is likely to become a data controller, and the full scope of The Acts would then apply to them. In any circumstance, tracking by an organisation must be proportionate and not excessive.”

Irish DPA

Ready for full visibility and control over email compliance?

Let’s get started. Enterprise activation takes mere minutes.

SCHEDULE A DEMO ->
Countdown to GDPR enforcement:
0
0
0
0
Days
0
0
Hrs
0
0
Min
0
0
Sec