Keeping GDPR at the center of Touchdown’s email solution is very important to us. Privacy by design is embedded at the core of how we handle personal data. We make sure that we have a data breach emergency plan, and that your data is well encrypted and portable. Our Data Protection Officer makes sure that our data processing records are in order, that our third-party providers are GDPR compliant, that our documentation is up to date, and that our teams are well informed and trained to apply GDPR compliance in their everyday work.
GDPR is a regulation that has officially been in force since 25th May 2018. It aims to strengthen and unify data protection for EU citizens. It was put into action by the European Parliament, the Council of the European Union and the European Commission to replace the EU Data Protection Directive (95/46/EC). Any company or organisation that is not compliant with this legal framework may be subject to fines.
GDPR makes no distinction between B2B and B2C: it applies to both. Moreover, the new ePrivacy Directive is under review and is going to align with GDPR, as the Privacy and Electronic Communications Regulations allowed for a soft opt-out approach in email marketing.
GDPR applies to entities of all sizes that process the personal data of EU residents, regardless of their location.
GDPR applies to all 28 EU member states and to all entities located outside the EU when they collect data of EU citizens.
Any entity that is not compliant with GDPR can receive a maximum penalty of 20 million or 4% of global turnover, whichever is greater. The penalties are tiered: for example, if your data records are not in order, or if you do not notify the supervisor about a breach, you can be subject to a 2% penalty.