GDPR Policy FAQ
General information about the GDPR policy
As a European company, we are committed to being GDPR Compliant.
We’re evaluating requirements by the Regulation to ensure that we handle customer data in compliance with applicable law by the May 2018 deadline. As we make progress we will keep this page, and our users and clients up to date on the steps taken.
- (completed) Familiarise ourselves with the GDPR regulation
- (completed) Estimate the impact on the product and documents
- (completed) Nominate a Data Protection Officer
- (in-progress) Review internal data processes and improve them to be compliant with GDPR
- (completed) Make a list of all product updates and improvements that need to happen.
- (in-progress) Implement the necessary changes to the product areas that need changing.
- (in-progress) Educate our users about GDPR and what is expected from them.
A Data Processing Agreement is a legal document listing all the actions taken on our part to keep your data safe in compliance with the applicable law.
Yes. Prezly will make double opt-in a requirement for every new contact subscribing to a newsroom.
For those unfamiliar with this term, "double opt-in" is a 2-step mechanism where a person must confirm their email address after initially signing up.
What about existing contacts?
It is unclear at this stage if all existing contacts will need to double opt-in to make the consent absolutely clear. We're doing more research in this area and will support a mechanism making this easy for clients.
Learn more about the impact of GDPR on your current contact database
The most prominent product changes will be:
- End-user privacy tools (request to be deleted, request for rectification, ...)
- Ability to export contact data
- Double-opt in on newsrooms.
In addition, there are a number of backend modifications and changes to some internal processes.
We will provide a list (as part of our data processing agreement) of all third-party vendors Prezly integrates with and can have an impact on customer data.
Next to that, we’re setting up Data Processing Agreements with all of our Third-Party Vendors, making sure they apply the same rules concerning customer data as us.
We will make regular updates to this page as well as keep you posted through email and in-app messages.
Handling personal data is a joint responsibility. We as a data processor will implement the necessary procedures, but our clients (as a data controller) will need to take the necessary rules into account as well.