General Data Protection Regulation and our Privacy Rules:
To simplify: We do not share any of your private information with third parties. You can unsubscribe from this website any time and we delete your user and your user information.
The General Data Protection Regulation (GDPR) was adopted 27 April 2016 and will enter into application on 25 May 2018: it is a new set of laws that governs both how you communicate, interact with and store prospect and customer data for any of the European member states citizens. It also introduces some substantial changes to the way we are used to treat personal data until now.
WE are fully compliant with GDPR!
What does that mean for you?
We store subscriber’s data in our database and do not transfer any data of this site to any outside services. Our site is hosted with a professional and secured host that provides the required data processing agreement (DPA), which protects your personal (subscriber) data!
Any information that could be used, on its own or in conjunction with other data, to identify an individual is therefore protected. When you subscribe to our newsletter, purchase items in the shop, or comment, we store your email address your name, your surname and your IP addresses in the database.
One very important aspect about the new regulation is how consent is given by the user and how to keep proof of it. To keep it simple, we have to be completely sure of what our subscribers give consent to during the subscription process. We can’t just spam people, which is very good! None of us enjoy getting random emails that do not concern us. However, it is possible and perfectly legal for us to contact certain individuals via email and invite them with the intention to make them aware of services and products as long as we ask for consent! No further action would be required by them to be automatically deleted if they are not interested in our offer.
When you subscribe on this website, you must choose what kind of information you want to receive from us. Choose your lists accordingly. Also, we use double opt-in thatis required by law in many countries to confirm the will of the subscriber by having him or her give consent two times before the actual service begins. The consent is any affirmative act a subscriber does while sending us its data, if clearly and correctly informed. The privacy checkbox we have on all subscription forms is not strictly required but it’s required to have a link to our privacy policy page and we have that on our website.
Proof of consent:
To keep proof of users consent is mandatory with the new GDPR rules. Therefore, when a user changes his profile, activating or deactivating a specific list, he is giving us specific consent, for example to send marketing emails. We have a logging feature which records every change the subscriber performs on his profile and what he changed with a timestamp.
Which data we store?
Besides name and email address, we can collect other data if extra profile fields have been created. More importantly, we collect Ip addresses at the moment of the subscription and whenever a user performs an action on this website. Ip’s are used for various features, from tracking to geo-localization and marketing strategies.
How long do we keep subscribers data?
One of the requirements of the GDPR is that we have to make our subscribers aware of how long we are going to keep their data on our servers and to clearly state that in this “Privacy Rules” page. The reason behind this is to avoid keeping obsolete data or contact information. How do we manage that? We delete all subscribers with a status that makes them unreachable: bounced, unsubscribed, not confirmed and so on. We also delete all subscribers who didn’t interact with us in a specified interval of time. We perform these actions periodically, which helps us to keep our list and data clean and avoid mailing to any other people than valuable subscribers.
Data export and portability:
GDPR also requires to offer our users the ability to ask for a copy of their files for portability reasons. The downloaded data export file should be in a machine-readable format (not human readable). The newsletter component we use on this website by default collects only names and email addresses but if we take advantage of the extra profile fields, that data would be exported as well.
Data modification and integration right:
Newsletter subscribers are able to access their own profile editing panelswhere they can change every detail whenever they feel to.
Data removal:
At this moment, Newsletter subscribers don’t have the ability to delete their own data. If you would like to be removed from the database of the Newsletter subscription, simply change your status to unsubscribed. You will be deleted automatically in due time.
We are using an external delivery service!
Our external Smtp provider is already GDPR compliant, very professional and highly secure! They provide us with a DPA for their services and so does our hosting provider.
Hope this info helps you to feel more secure in this transparent digital world we live today.