Global Email:Privacy and Global Email: Difference between revisions

From Melissa Data Wiki
Jump to navigation Jump to search
Created page with "← Global Email ==What is GDPR or General Data Protection Regulation?== As of the 25th of May 2018, the European Union implemented the General Data Protec..."
 
No edit summary
Line 33: Line 33:


[[Category:Global Email V4]]
[[Category:Global Email V4]]
[[Category:Best Practices]]

Revision as of 00:04, 23 July 2020

← Global Email

What is GDPR or General Data Protection Regulation?

As of the 25th of May 2018, the European Union implemented the General Data Protection Regulations (GDPR).

These regulations apply to anyone who processes data gathered or stored in the European Union, regardless of where the data processor is located.

Overall, GDPR obligates all data collectors and processors working in Europe or with European data to transparently collect, store, and process that data, and to do so with only the minimum amount of data needed for the task at hand.

Additionally, GDPR dictates that data systems must implement data privacy and protection by default.

Article 6 of GDPR outlines the 6 scenarios when an organization can legally use personal data at length. Overall, it comes down to either needing to, or doing so with the explicit consent of the individual source of the data.

On the consumer side, GDPR outlines many rights afforded to individuals regarding their data - rights to be informed, access, erasure, etc. Chapter 3 of the GDPR outlines these rights in full.

For more information, see this summary of GDPR from the European Union itself, or the full text of the regulations.


Is Global Email compliant with GDPR?

Melissa Data as a company is fully GDPR compliant.

Emails are overall less sensitive compared to other personal data, such as full names and addresses. GDPR does allow companies to store actual emails - no hashing or other obfuscation required - such that it is hard to connect any email to any other piece of personal information, whether internally or in the event of a breach.

Other information related to emails, namely information about domains, is not considered personal data. You may find that some requests do include contact information about the domain owner, but this information is gathered from external sources, all of which are GDPR compliant in their own right.

But, for Global Email specifically, we have gone beyond simple compliance.

While GDPR does allow companies to store emails such that they cannot be connected to other personally identifiable information, we have chosen not to directly store any emails verified by our European clients in any way.

It is important to note that GDPR does allow for US-based companies to leverage data gathered and stored outside of the GDPR sphere of influence. Therefore, we use our US-hosted cache of nearly 800 million emails to bolster email verification in Europe.

Please do not hesitate to reach out to us with any questions regarding our GDPR compliance.