GDPR Compliance

What is GDPR, exactly?

A regulation in EU law governing data protection and privacy in the European Union (EU) and the European Economic Area (EEA) is known as the General Data Protection Regulation (EU) (GDPR). It also discusses transferring personal data outside the EEA and the EU. 

The primary objectives of the GDPR are to facilitate the lawful operation of international businesses and to grant individuals greater control and rights over their personal data. The regulation applies to any company that handles the personal data of individuals in the EEA, regardless of their location, citizenship, or place of residence. It has rules and requirements regarding the handling of personal data in the EEA.

It is worth noting that email privacy laws have changed since the UK left the EU. We are, of course, adjusting our policies to continue our service of following best practices.

Compliance

Propria.io has used third-party compliance expertise to audit and advise on best practices, in addition to establishing a compliance officer to ensure our adherence to the standards. This enables us to assure clients that GDPR best practices are properly followed at all times, wherever possible.

Compliant Campaigns

Propria.io outreach and initiatives are naturally GDPR compliant due to their primarily B2B, highly targeted, and very relevant nature.


Because we solely perform B2B outreach, PECR authorises email marketing as long as it is relevant and includes the option for the recipient to opt out. GDPR is always applicable and includes data gathering and storage.

We take considerable effort operationally to ensure that data is collected and stored correctly. We also undertake an in-depth evaluation of a client's product, service, or offering to ensure that all GDPR and PECR rules are satisfied when combined with our outreach. The Legitimate Interest Assessment is a critical component of this evaluation (LIA).

Our Messages

GDPR governs the storage and processing of personal data in the United Kingdom. Messages are governed by the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR). This explains the need for corporate communication:

"You may send an email or SMS message to any corporate body (a company, Scottish partnership, limited liability partnership, or government body)."

Propria.io includes opt-out options in our outreach, allowing recipients to opt out of subsequent contact if they are dissatisfied with being contacted.

Security

We have implemented necessary security measures to protect your personal information from being mistakenly lost, used or accessed in an unauthorised manner, altered, or disclosed.

Furthermore, we restrict access to your personal data to employees, agents, contractors, and other third parties with a legitimate business need to know. A duty of confidentiality binds them, and they will only process your personal data in accordance with our instructions.

We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach as required by law.


Your responsibilities

Propria.io takes great care to ensure that all regulatory norms and rules are followed. However, as a client, you must comply with the applicable regulatory frameworks in your country and notify Propria.io if you become aware of any changes that require attention.

Propria cannot constantly monitor all the aforementioned frameworks in all countries simultaneously, which is why you, the customer, are crucial in ensuring compliance.

Please view our Privacy Policy for further information.