Yes, data protection has always been important to us
SpamHero has always taken data protection very seriously and was among the first companies to take the necessary steps to comply to the General Data Protection Regulations (GDPR) before the May 25, 2018 deadline. Steps we have taken include, but are not limited to:
- In accordance with Article 30, we have completed a Record of Processing Activities and have provided a copy to our GDPR representative.
- In accordance with Article 28 of the GDPR, we have prepared a data processing addendum. Clients that are seeking to be GDPR compliant themselves, may send a request to firstname.lastname@example.org to receive the addendum that must be signed and returned to us to become binding.
In light of the recent decision by the Court of Justice of the European Union to invalidate Privacy Shield as an appropriate safeguard for transferring data outside the EU, our data processing addendum has been updated (as of August 27, 2020) to now include the Standard Contractual Clauses as set forth by the EU Commission for safeguarding such transfers. As of April 14, 2021, we withdrew from the Privacy Shield program. Clients that obtained a signed data processing addendum from us before Auguust 27, 2020 may wish to obtain an updated addendum that include the Standard Contractual Clauses.
Our ongoing commitment to data protection
GDPR compliance is not a "do once and you're done" type of thing. We will be conducting an annual GDPR audit to identify areas where we can improve and continue to monitor updates to the GDPR.
If there are specific things that SpamHero can do to assist you in your GDPR compliance efforts, please contact our support team and let us know.