What is GDPR?

GDPR is the new General Data Protection Regulation in Europe. It involves harmonizing data protection policies across all European countries. It comes into effect on 25/05/2018. More information on CNIL’s website.

What changes?

Contrary to what many claim (it’s an opportunity for communication…), GDPR has not drastically changed the rules applicable regarding emailing if you already complied with French rules.

You can find the list of changes on CNIL’s website but to summarize:

• Sanctions for violations are strengthened.
• Legislations of European countries are standardized.
• You must be able to prove your compliance with GDPR.
• You must offer your users the right to export their personal data to use elsewhere.
• You must transparently inform your users about the collection of personal data and how you use it.

For the rest, GDPR follows the main lines of the French Data Protection Act already in force in France.

Is OxiMailing compatible with GDPR?

Yes, our platform is perfectly compatible.

• Regarding data retention:

On our system, you have full control over your data and can delete it whenever you want.

• Regarding campaigns:

You have the choice between storing your campaigns locally (in which case we do not have access) and storing them in the Cloud. In the latter case, only a person with your license key can access your campaigns, and you have the option to delete them (or download them locally) whenever you want.

• Regarding tracking data:

Tracking data associated with your campaigns is only stored for 18 months on our servers. After this period, the data is automatically deleted.

• Regarding hosting our services:

All our servers are hosted in French and European data centers at OVH and Online. These providers guarantee maximum security at the network infrastructure level. We never transfer your personal data outside the European Union.

• Regarding the security of our services:

Our servers are configured to receive updates automatically and comply with state-of-the-art security measures. Our team strictly follows cybersecurity news and always strives to keep your data secure.

How can OxiMailing help me implement GDPR rules in my company?

First of all, we are here to assist you. Our team is available to answer any questions you may have. Some of our employees have been specifically trained for this purpose.

Next, within the scope of GDPR (not specifically for your email campaigns), you will need to establish rules and processes. One of these involves ensuring that you do not retain more personal data of your recipients than necessary.

As seen earlier, you have control over your campaign files and can choose to delete them whenever you wish. To help you, we have also integrated a tool in our solutions to anonymize campaigns older than X months (where X is to be defined by you).

To access it, go to “Settings” / “Options” / “Anonymization”.

I have a question, how can I contact you?

Simply visit this page which provides all our contact information (email + phone). Feel free to contact us.