Back to Top

Help & Support

Get instant answers 24/7

Top > Questions & Answers

Is SpamHero compliant with the GDPR?

In light of the recent decision by the Court of Justice of the European Union to invalidate Privacy Shield as an appropriate safeguard for transferring data outside the EU, our data processing addendum has been updated (as of August 27, 2020) to now include the Standard Contractual Clauses as set forth by the EU Commission for safeguarding such transfers. Clients within the EU or that process data on behalf of EU citizens may want to request an updated copy of our addendum. This change is also reflected in our updated privacy policy.

SpamHero has always taken data protection very seriously and therefore needed to make relatively few changes operationally to meet the requirements of the EU General Data Protection Regulation (GDPR). We are pleased to announce that we completed the steps necessary for companies of our size to achieve compliance before the May 25, 2018 deadline. Some of the things we did to comply with the GDPR are:

  • To fulfill the requirements of GDPR Article 27, we have appointed a GDPR representative in the EU. The contact information for this representative is published in our new privacy policy.

  • In accordance with Article 28 of the GDPR, we have prepared a data processing addendum. Clients that are seeking to be GDPR compliant themselves, may send a request to to receive the addendum that must be signed and returned to us to become binding.

  • In accordance with Article 30, we have completed a Record of Processing Activities and have provided a copy to our GDPR representative.

  • To further show our commitment to data privacy and security, we have completed the steps required for the EU-US Privacy Shield and Swiss-US Privacy Shield self-certification. You can learn more about the safeguards of the EU-US Privacy Shield on the the European Commission website. You can look up our certification on the website.

GDPR requires an ongoing commitment

GDPR compliance is not a "do once and you're done" type of thing. We will be conduct an annual GDPR audit to identify areas where we can improve and continue to monitor updates to the GDPR.

If there are specific things that SpamHero can do to assist you in your GDPR compliance efforts, please contact our support team and let us know.

This page is not intended to provide legal advice on the GDPR. Please seek professional legal advice to ensure your company is meeting the requirements of the GDPR. You may also read the full text of the GDPR online. (Note: This link is not the official GDPR website and is maintained by a third party provider that we are not affiliated with. We just like the way they formatted the regulations.)

Last updated August 28, 2020