Who does the GDPR apply to?

If you collect or process the personal data of any European citizen, regardless of the country in which your company is based, the GDPR will affect your business.
The GDPR has also eliminated the distinctions between various types of businesses — including B2B, B2C, for-profit, and nonprofit — meaning the law applies equally to all organizations that process the personal data of European citizens.

Zulu eDM is fully compliant with the GDPR and the platform ensures clients have the necessary tools manage compliance tasks for the GDPR, Anti-SPAM Laws, Privacy Requirements and data breach and reporting needs for any country, continent, union or accord.

As a Zulu eDM customer, the GDPR gives you new protection rights and assures better access to your personal data.

Right to rectification: Rectify your personal information at any time from your account settings. You can also contact us directly to edit or rectify your information.

Right to be forgotten: Cancel your Zulu eDM subscription and close your accountat any time. You can send us a request to erase all your data, which we will complete within 30 days.

Right to portability: Upon request, we will export your data so that it can be transferred to a third party or competitor.

Right to object: Unsubscribe at any time to any specific use of your information (newsletter, automatic emails, etc.).

Right of access: We are transparent about the data that we collect and what we do with it. To familiarize yourself with this, please refer to our privacy policy. Once the modifications have been carried out, we will notify you and ask for confirmation that you accept all of the new terms. Lastly, you can contact us at any time to access and modify any of your personal data.

How can Zulu eDM help you answer requests related to your customers’ data?
The GDPR provides new rights for your users and customers. Thanks to the measures that Zulu eDM has taken to be compliant with the regulation, you will be able to answer any requests from users who are looking to exercise their new rights regarding their personal data stored in your database.

Right to rectification: You can rectify your contacts’ information at any time. You can also contact us directly to ask us to rectify or delete your data.

Right to be forgotten: If one of your contacts wishes to exercise their right to be forgotten, you can simply delete them from your lists in SendinBlue. This will also erase all their personal data. If one of your contacts sends a valid request directly to us, we will inform you and remove their personal data from your account, as well as from any other Zulu eDM accounts who have personal data on this contact, when applicable.

Right to portability: You can already export your contacts information as a csv file.

Right of access: Make sure that you explain in your privacy policy how you plan to use the personal data that you collect. If your customers make a request to exercise their right of access, you can export their personal data to a csv file (see right to portability).
How can you prepare for the GDPR?

Learn how to rectify and delete your contacts’ information

The right to access, modify and delete data is one of the key points of the GDPR. Find out how to delete contacts or modify their information.

Update your subscription forms

We recommend that you study and update the wording of your subscription forms so that they are as explicit as possible regarding how requested information will be used. Include affirmative language that clearly states the user agrees to the stated terms.
We also recommend using a different opt-in for each of the different ways you plan to use personal data from users. For example, you should use two separate opt-in forms when gathering subscribers for a newsletter and subscribers to receive automated emails triggered by specific user actions (i.e. marketing automation).

Never delete opt-out preferences however you may delete associated identifiable data

One of the main objectives of the GDPR is to minimize the risks of data breaches or leaks and prevent the misuse of European residents’ personal data.
SPAM penalties can occur by not honoring unsubscribe preferences. Never delete the email address or cell phone linked to the unsubscribe request.

Consult with your legal counsel

The information on this page is designed to help prepare Zulu eDM users for the GDPR in the context of our services and should not be taken as legal advice. Additionally, there may be parts of the legislation that affect other aspects of your business as well.
We recommend you seek qualified legal counsel to determine what compliance measures you need to carry out to be fully compliant with the GDPR.