Your email marketing might be GDPR-compliant, but what about your outside partners and vendors?
Under GDPR, any third party that processes your users’ data is legally obligated to be in compliance. If you use a company that is not compliant, you can be held liable and suffer the consequences including paying fines.
As you know, MailerLite has been on top of GDPR compliance. We want to ease your mind and give you the confidence that your email marketing practices comply with GDPR.
To that end, we are happy to present our Data Processing Addendum, which establishes our GDPR compliance to give you peace of mind.
🤔 Why you need a data processing agreement
GDPR is all about protecting your users’ data. If you use other companies to help you process user data in any way, you are required to enter into a written agreement with each data processor.
In GDPR language, you are considered the ‘controller’. Your responsibility is to protect your users’ data by vetting your data processors. You need to establish that they are GDPR compliant.
But more importantly, legally binding contracts with your vendors will instill confidence in your subscribers that you have their interests in mind.