GDPR: Our Road to GDPR Compliance

With May 25th sneaking up around the corner, GDPR compliance is the only thing on our minds.

We at Evercontact have been hustling like elves before Christmas to get our service up-to-speed. And after months of research and restructuring, we’re proud to flaunt our GDPR compliance to the world.

Sure, it’s been a bit of an obsession on our end of late. But for good reason: GDPR figures to change the data security game for companies and individuals alike.

If you’re playing catch-up, no worries! We’ve done quite the deep dive into GDPR waters and have written up a “CliffNotes” of the need-to-knows, as well as a brief timeline explaining the evolution of privacy measures.

But most important of all is how we actually became compliant. Without further ado, here’s a look into the notable changes we made on our website and for our users:

Ensuring GDPR compliance

Opt-in. For starters, we’ve added an opt-in checkbox right out of the gates.

New users will be immediately see links to our Privacy Policy, GDPR fulfillment, and Terms of Service pages. They may review these prior to registering and, if satisfied with our security practices, check the box to proceed.

Now, what this does is uphold GDPR’s requirement of consent. Considering we operate within users’ email inboxes — where sensitive info is often held — we want to make sure our users green-light all that our service entails.

And on that note, the opt-in feature promotes transparency on our end. Users have the right to know how we use their data and the extensive protective measures we have in place.

Cookies. With the new box added in our website’s corner, we immediately inform users that we utilize cookies to enhance their Evercontact experience.

Again, this is in the interest of transparency. It also provides relevant information: the “Learn more” link contains further insight into cookie use.

Since our website doesn’t feature targeted ads (or third-party ads of any sort), our cookies are quite benign. We employ them most prominently as a means to remember user information once you’ve registered.

New GDPR compliance page. As mentioned earlier, we’ve added a “GDPR fulfillments” page which is accessible directly from our homepage.

This new section further elucidates some of our GDPR compliance efforts, such as the aforementioned opt-in and our data collection methods.

The GDPR page also contains links to relevant sections of our separate Privacy Policy that deal with GDPR.

Updated privacy policy. Having both a unique GDPR page and a separate GDPR Compliance section in our Privacy Policy may feel redundant, but awareness is a key component of the new regulation.

And as the old adage goes, it’s better to be safe than sorry.

So we’ve updated our Privacy Policy page with appropriate GDPR bullet points, as well as necessary details on our data storage: security measures, third party accessibility, and general information collection practices.

Unsubscribing & email settings. Our product specific emails will continue to include options allowing users to unsubscribe or simply change their settings.

The link to manage preferences can be located at the bottom of such an email.

Users can easily choose to receive these emails on a daily, weekly, or monthly basis.

Furthermore, receiving the exclusive promos and relevant content of our biweekly newsletter requires an additional opt-in as well.

In conclusion: Power to the users

The moral of this story is greater awareness and clearer options: GDPR necessitates stricter data security on our end, increased control on your end, and heightened transparency throughout it all.

As a company founded on the principles of user privacy and responsible data collection, we welcome the new GDPR compliance measures with open arms.

For any questions on our approach to GDPR, please don’t hesitate to ask away at!

Originally published at Blog | evercontact.