SpamHero has always taken data protection very seriously and therefore needed to make relatively few changes operationally to meet the requirements of the EU General Data Protection Regulation (GDPR). We are pleased to announce that we completed the steps necessary for companies of our size to achieve compliance before the May 25, 2018 deadline. Some of the things we did to comply with the GDPR are:
In accordance with Article 28 of the GDPR, we have prepared a data processing addendum. Clients that are seeking to be GDPR compliant themselves, may send a request to firstname.lastname@example.org to receive the addendum that must be signed and returned to us to become binding.
In accordance with Article 30, we have completed a Record of Processing Activities and have provided a copy to our GDPR representative.
To further show our commitment to data privacy and security, we have completed the steps required for the EU-US Privacy Shield and Swiss-US Privacy Shield self-certification. You can learn more about the safeguards of the EU-US Privacy Shield on the the European Commission website. You can look up our certification on the PrivacyShield.gov website.
GDPR requires an ongoing commitment
GDPR compliance is not a "do once and you're done" type of thing. We will be conduct an annual GDPR audit to identify areas where we can improve and continue to monitor updates to the GDPR.
If there are specific things that SpamHero can do to assist you in your GDPR compliance efforts, please contact our support team and let us know.
This page is not intended to provide legal advice on the GDPR. Please seek professional legal advice to ensure your company is meeting the requirements of the GDPR. You may also read the full text of the GDPR online
. (Note: This link is not
the official GDPR website and is maintained by a third party provider that we are not affiliated with. We just like the way they formatted the regulations.)