GDPR and digital communication

Darine Fayed Head of Legal & DPO

@mailjet

What is GDPR?General Data Protection Regulation

A regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data

protection for EU residents.

Why It Matters … To Everyone

3

€ 20M 4%annual global turnover

25/05/2018Application Date

Shared responsibility: Data Controllers,

Processors & Sub-Processors

01 Quiz: Does GDPR Affect You?

What GDPR Affects In Your Company0203

04

Focus: 3rd Party Suppliers

Mailjet’s own GDPR journey

GDPR QUIZ

01

6

WHO GDPR AFFECTS

02

8

• CEO

• Legal / Compliance

• CMO

• CTO

Who Will Be Affected By GDPR?

Marketing IT Legal

Data Collection Privacy by Design Terms of Use

Email Marketing Right To Be Forgotten Privacy Policy

Customer Profiling Third Party Providers Clauses

Consent Security of Processing Data Transfers

What You Need To Adapt

Examples.

#1 - Privacy PolicyWe have aligned our policy to be GDPR compliant, have you?

11

#2 - Email MarketingCustomers will have control of their own data

12

1. New consumer opt-in permission rules and proof of consent storing systems

2. Old consumer new opt-in permission if a permission is missing

3. Transparency on data collection and automated profiling

4. All contacts need to be able to: • Unsubscribe from any lists • Be erased from any system • Request copy of their data • Take their data

Clear ConsentWith double opt-in and a clear path to opt-out

13

Clear ConsentExample of a clear consent email

14

You agree that <Your company name> collect, use and disclose the personal information you have provided in this form. You also hereby authorize the provision of marketing materials in accordance with our privacy policy <available at Link>.

Please check the appropriate boxes if you agree: <Checkbox> "

Clear Examples Of Customer RightsDON'T: Opt-out pre-checked box

DON'T: Soft Opt-in: Prefilled checkboxes where the user has to remove the checkmark in case of disinterest.

DO: Double opt-in. Clear declaration of consent. Easy to understand and identify your company.

DO: Confirmation email, with the specific purpose of the consent & linking your privacy policy

DO: Remind customer that they can Opt-out easily and at any time.

15

03

FOCUS: 3RD PARTY PROVIDERS

17

You’re Tools Collect Endless DataDo you know what their collecting?

Your Tools, Could Get You Fined

18

X

Can your email solution help you…

All communication with your contacts

under GDPR requires explicit consent.

Example: Your Email Provider

Large amount of personal data

stored and processed by your ESP.

Your ESP must provide the ability for you to erase your clients’ data records on

request (right to be forgotten).

Bad Growth Hacks01 Linkedin Email Scrapping

02 Unsolicited Newsletters

03 Buying Email Lists

05

MAILJET’S GDPR JOURNEY

22

Mailjet: The All-In-One Email Provider

A team of experts+ 130 employees globally

80% growth YoY Global deliverability consulting

European Leader+ 1.5B emails a month

+100,000 clients

A trusted technologyEmail sending specialist

Marketing & transactional email

The Resources You NeedHead to: www.mailjet.de/dsgvo/

23

Updated as of 10 November, 2017

Questions

I’m here all evening! Happy to answer your burning GDPR and email marketing questions.