GDPR and the importance of transferring mailing lists securely
28th January 2020
The need for good end-to-end security is a given when transferring any personal data, and this includes sending your subscriber mailing list to a supplier such as Spatial Global.
Ensuring your subscriber data remains private
Spatial Global is committed to protecting your customers’ personal information and employs strict security protocols for receiving, managing and disposing of address lists. When you use our mailing services you can rest assured that your data is handled in a GDPR compliant process, details of which we will supply in a written policy document.
How to send your subscriber data
When sending us your mailing lists you should encrypt the files to make them unreadable by any third party. To avoid liability and to protect your customers it’s important to educate your team about email safety. Basic steps like selecting a suitable method of data transfer can go a long way towards protecting data and complying with the GDPR.
How Spatial Global can help you stay GDPR compliant
There are several ways you can transfer data securely to Spatial Global for the dispatch of your mail. We are happy to work with you on your preferred method and will not dictate how you send your data, but we will ensure we can dovetail with your GDPR compliance processes. Should you want a little advice on this we would be happy to have a conversation which outlines the options available. Our aim is to help you arrive at a process that fits best with your organisational needs.
What the GDPR says
If you collect, store, or use the data of EU citizens (even in the event that the UK leaves the EU) then the GDPR applies to you. You may have an obligation to change the way your organisation operates in some fundamental ways.
The GDPR requires “data protection by design and by default,” meaning organisations must always consider the data protection implications of any new or existing products or services. Article 5 of the GDPR lists the principles of data protection you must adhere to, including the adoption of appropriate technical measures to secure data. Encryption is cited in the law as an example of a technical measure you can use to minimise the potential damage in the event of a data breach.