What is your plan with being GDPR-compliant?

As a European company we’re committed to being GDPR Compliant. 

We’re evaluating requirements by the Regulation to ensure that we handle customer data in compliance with applicable law by the May 2018 deadline. As we make progress we will keep this page, and our users and clients up to date on the steps taken. 

  • (completed) Familiarise ourselves with the GDPR regulation
  • (completed) Estimate the impact on the product and documents
  • (completed) Nominate a Data Protection Officer
  • (in-progress) Review internal data processes and improve them to be compliant with GDPR
  • (completed) Provide all of our clients with an updated Terms of Service, Privacy Policy and Data Processing Agreement. All clients will need to agree and comply with these.
  • (completed) Make a list of all product updates and improvements that need to happen.
  • (in-progress) Implement the necessary changes to the product areas that need changing.
  • (in-progress) Educate our users about GDPR and what is expected from them. 

Will GDPR require any action on our part (as customer)? 

We will be providing all our clients with an updated version of our Terms of Service and privacy policy. You will also need to sign a Data Processing Agreement. 

A Data Processing Agreement is a legal document listing all the actions taken on our part to keep your data safe in compliance with the applicable law. 

Are you implementing double opt in for newsroom subscribe?

Yes. Prezly will make double opt-in a requirement for every new contact subscribing to a newsroom. 

For those unfamiliar with this term, "double opt in" is a 2-step mechanism where a person must confirm their email address after initially signing up. 

What about existing contacts ?

It is unclear at this stage if all existing contacts will need to double opt in to make the consent absolutely clear.  We're doing more research in this area and will support a mechanism making this easy for clients.

Will there be any visible changes to Prezly for us?

The most prominent product changes will be:

  1. End-user privacy tools (request to be deleted, request for rectification, ...)
  2. Ability to export contact data
  3. Double-opt in on newsrooms.

In addition there are a number of backend modifications and changes to some internal processes.

Have you appointed a Data Protection Officer?

Yes.

What about third party vendors Prezly uses?

We will provide a list (as part of our data processing agreement) of all third party vendors Prezly integrates with and can have an impact on customer data. 

Next to that we’re setting up Data Processing Agreements with all of our Third Party Vendors, making sure they apply the same rules concerning customer data as us.

How will you keep us informed about changes?

We will make regular updates to this page as well as keep you posted through email and in-app messages.

You will need to agree to our Data Processing Agreement as well as the new terms of service and privacy policy before the 25th of May.

What will be expected from us (Prezly users)?

Handling personal data is joint responsibility. We as a data processor will implement the necessary procedures, but our clients (as a data controller) will need to take the necessary rules into account as well.

When can we expect the necessary changes to Prezly?

We’ve already made changes in the background to start supporting procedures. Over the coming weeks when updates are done concerning GDPR we will inform all of our users using in-app reminders and/or email notifications.

Additional resources:

Did this answer your question?