What is GDPR? Does truelogic comply?

In this article

What is GDPR?

The General Data Protection Regulation (GDPR) went into effect May 25, 2018 and replaced the Data Protection Directive 95/46/EC in the European Union (EU). It is a law that governs the use, sharing, transfer and processing of any personal data that originates from the EU.

If you are sending email campaigns to individuals located in the EU, the law applies to you. And because we send email campaigns to individuals located in the EU on behalf of our clients, the GDPR applies to us too.

A controller (you: the client or user) determines how and why personal data is processed, and a processor (us: truelogic) acts on behalf of the controller. For controllers, although many GDPR requirements are similar to those from the Directive including grounds for lawful processing and obtaining and tracking consent, there are new obligations that apply as well. We would recommend contacting your legal department to discuss impacts for your specific organization.

Does truelogic comply?

Yes! As a processor, we will comply with the GDPR in the delivery of our services, and we are committed to helping our customers stay in compliance with GDPR and their local requirements as well.

Our updated Data Processing Addendum (DPA) reflects GDPR requirements for processors, including the Standard Contractual Clauses (also known as European Union Model Clauses) that cover having adequate data transfer mechanisms in place to transfer personal data outside of the EU.

In addition:

  • We have updated our Privacy Policy in accordance with GDPR requirements
  • We are committed to following appropriate security measures in accordance with GDPR requirements
  • We will communicate regarding any data breaches in accordance with GDPR requirements
  • We will ensure that employees authorized to process personal data have committed to confidentiality 
  • We will hold any sub-processors of personal data to the same data management, security, and privacy standards to which we hold ourselves
  • Our sign up form, survey and confirmation functionality can help support single and double opt-in methods to track consent
  • GDPR-compliant consent forms can also be created to track preferences either within our standard contacts and groups functionality or in our preference center
  • We will assist with client requests that may result from the expanded rights of EU individuals (e.g. right of access, right to rectification, restriction of processing, right of erasure/right to be forgotten, data portability, object to the processing, and right not to be subject to an automated individual decision making) 
    • Please direct all requests to privacy@truelogic.com
    • In many cases, you may be able to access the requested data from within your own account
    • Where this is not possible, we will provide additional assistance
    • Future development for expanded functionality to support such requests is also under consideration 

Additional Resources

Additional information about the GDPR and its requirements can be found here:

NOTE: Specific conditions apply, and this article is not a substitute for legal advice. We strongly recommend you seek your own legal counsel regarding any compliance issues for your organization.