GDPR compliance and your email newsletter

As Future Visions Creative Ltd manages your email newsletter and processes data on your behalf, this page provides information on our GDPR policies. You are free to link to this page as part of your own GDPR compliance statements.

 

What is GDPR?

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). The GDPR sets out the principles for data management and the rights of the individual, while also imposing fines that can be revenue-based. The General Data Protection Regulation covers all companies that deal with data of EU citizens. GDPR came into effect across the EU on May 25, 2018.

 

In what ways is it relevant to our working partnership?

It’s relevant for two reasons:

  1. We process data on your behalf. When you provide us with your lists of opted-in email subscribers, we upload these to the email marketing software.
  2. We create emails and opt-in forms for you, that must be compliant with the permission-based marketing elements of the regulation.

 

Processing data

We understand and accept our responsibility to protect the data we store and process on your behalf. We take the following steps to protect data against potential breaches:

  • We store the minimum amount of personally identifiable information that is necessary to deliver the service we provide.
  • Our security procedures have been created to be compliant with the General Data Protection Regulation.
  • We use reputable providers who have adequate data protection and privacy policies and have no known history of data breaches.
  • All computer systems we use are secured with unique, complex passwords.
  • All software accounts we own are also secured with unique, complex passwords.
  • Passwords and account information are secured with the 1Password password manager, which itself is secured with a unique, complex password and additional security key, and is GDPR compliant.
  • If the confidentiality of data is breached, we recognise our responsibility to disclose the nature of the risk and provide a transparent account of the events without undue delay.

 

Helping YOU to be GDPR compliant

There are a number of things we do when setting up your newsletter template and sending each campaign that will help with your efforts to be compliant with GDPR:

  • Every campaign we create for you contains an unsubscribe link, allowing your subscribers to unsubscribe from future emails from you with one click.
  • Optionally, we can also include a link to a preference centre, which allows your subscribers to see what information you hold on them in the email marketing application and which lists they are subscribed to. They can also edit their information if it needs changing.
  • When creating materials for you, including new emails, web forms and web pages, we’ll do everything we can to assist you with making them GDPR compliant.
  • We commit to providing you with reasonable support in actioning data protection enquiries in a timely fashion, including, but not limited to:
    • subject access requests
    • right to erasure
 

Your responsibilities

Ultimately, it is your responsibility to ensure that your business satisfies the requirements of the GDPR.

One of the key requirements when sending an email newsletter is to ensure that you only email people who have opted in to receive emails from you. With this in mind, it is your responsibility to ensure that the subscriber information you provide us with only consists of people who have opted in to receive emails from you.

 

 

Third-party suppliers

In providing you with the managed email newsletter service, we use a number of third-party suppliers (all software-based). Their own GDPR statements are detailed here for your reference:

Campaign Monitor
JotForm
Dropbox
1Password
Google Mail

 

Questions

If you have any questions specific to your individual requirements, please email Nathan on hello@nathanlittleton.co.uk.