GDPR Compliance
What is GDPR, exactly?
A regulation in EU law governing data protection and privacy in the European Union (EU) and the European Economic Area (EEA) is known as the General Data Protection Regulation (EU) (GDPR). It also talks about transferring personal data outside of the EEA and the EU.
The main goals of the GDPR are to make it easier for international businesses to operate legally and to give individuals more control and rights over their personal data. The regulation applies to any business that handles the personal data of people in the EEA, no matter where they are located or their citizenship or place of residence. It has rules and requirements about handling people's personal data in the EEA.
It has to be noted that email privacy laws have changed since the UK left the EU. We are, of course, adjusting our policies to continue our service of following best practices.
Compliance
Propria.io has used third-party compliance expertise to audit and advise on best practices, in addition to establishing a compliance officer to ensure our adherence to the standards. This enables us to assure clients that GDPR best practices are properly followed at all times, wherever possible.
Compliant Campaigns
Propria.io outreach and initiatives are naturally GDPR compliant due to their primarily B2B, highly targeted, and very relevant nature.
Because we solely perform B2B outreach, PECR authorises email marketing as long as it is relevant and includes the option for the recipient to opt-out. GDPR is always applicable and includes data gathering and storage.
We take considerable effort operationally to guarantee that data is correctly collected and kept. We also undertake an in-depth evaluation of a client's product, service, or offering to ensure that all GDPR and PECR rules are satisfied when combined with our outreach. The Legitimate Interest Assessment is a critical component of this evaluation (LIA).
Our Messages
GDPR governs the storage and processing of personal data in the United Kingdom. Messages are governed by the Privacy and Electronic Communications Regulations (PECR). This explains the need for corporate communication: "You may send an email or SMS message to any corporate body (a company, Scottish partnership, limited liability partnership, or government body)." Propria.io includes opt-out choices in our outreach so that recipients can opt out of subsequent contact if they are dissatisfied with being reached.
Security
We have implemented necessary security measures to protect your personal information from being mistakenly lost, used or accessed in an unauthorised manner, altered, or disclosed.
Furthermore, we restrict access to your personal data to employees, agents, contractors, and other third parties with a legitimate business need to know. A duty of secrecy binds them and will only process your personal data on our instructions.
We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach as required by law.
Your responsibilities
Propria.io takes great care to ensure that all regulatory norms and rules are followed. However, as a client, you must follow the applicable regulatory frameworks in your country and notify Propria.io if you see any changes that need to be addressed.
Tickety Boo cannot constantly monitor all of the aforementioned frameworks in all countries at the same time, which is why you, the customer, are critical in assuring compliance.
Please view our Privacy Policy for further information.