What is GDPR and does it apply to your business?

GDPR is a new European Union data privacy law (short for the General Data Protection Regulation) that goes into effect on May 25, 2018. Its purpose is to create a harmonized data privacy law across all the EU member states. As a small business owner, if you email EU subscribers, you must take steps to comply with the new regulations or face stiff fines.

If you use Constant Contact as your email service provider, rest assured, the company is certified under the EU-US and Swiss-US Privacy Shields and transfer and protect the personal data from the EU and Switzerland consistent with the requirements of the Privacy Shield program, governed by the Federal Trade Commission and approved by the EU Commission.

If you do not provide goods or services to EU there is nothing you need to do. This IS a good time to review how you obtain subscribers to your mailing list and how you communicate to your subscribers what information you collect.

1. Review your sign up form. Do you clearly communicate what the subscriber will receive, ie. monthly tips vs. daily meditations?
2. Review your practices in collecting names.  Do you ask for permission or do you assume someone you just met at a networking event wants to hear from you? 
3. Consider using "advanced permission" settings in your Constant Contact dashboard when you upload a new list.
4. Consider using the "double opt-in" permission which requires new subscribers to verify their sign up by responding to an email.

Constant Contact is committed to maintaining the highest level of permission-based email marketing which is one of the reasons it continues to be an industry leader, ranking at the top for deliverability.  

Read more about steps recommended by Constant Contact and what they are doing to make sure you are compliant: 
​

READ MORE