GDPR Mailing House
Established, compliant GDPR Mailing House. Essential for responsible, legal mailing.
The General Data Protection Regulation of 25th May 2018 is an EU regulation for the data protection and privacy of all individuals. Personal Data is at the forefront of the legislation and greater emphasis is now placed upon the documentation that data controllers must keep. Data Controllers are defined as individuals who determine the purposes for which, and the manner in which any personal data are, or are to be, processed. As a Data Controller it makes good sense to work with a compliant data-assured GDPR Mailing House.
So, what is Personal Data when mailing out to individuals?
The regulation interprets Personal Data as relating to any information that can identify a person. A person’s name and address for example is Personal Data. Whereas mailing out to a list of addresses only without any individual name is considered outside of the GDPR.
Using non-addressed mail data such as from www.geolist.co.uk is outside GDPR. This is because no one can be readily identified at an address. Hence this type of partially addressed mail is a legitimate way to reach households and businesses. However, it is important to note that using an existing named database and simply excluding the person’s name is strictly a no. This is a direct breach of the rules.
As a GDPR Mailing House any personal data processed must follow a secure, accountable process. This means that information about data is systematically recorded. The type of information includes (for example) how data is received, what it is used for, where it is held and for how long.
Robust data and security policies manage all data from the time that it is transferred over to Sharp Cat servers until the time that it is mailed.
Three key facilities to help GDPR mailing compliance:
First, any Personal Data received for mailing is handled via a systematic process. A secure two-way data processing agreement is provided at the start.
Second, an easy way to send mailing data via secure encryption is supplied.
Third, every client is given access to www.mailoptout.co.uk. Mail opt out allows anyone on your data lists the freedom to opt out of any mailing you send them. Opt outs are automatically suppressed against next mailings. This gives your data team time to remove the name, whilst immediately ensuring that the individual has been removed from mailings.
For GDPR compliance advice, speak to a Sharp Cat Account Manager or call a member of the Tech Team today.