Managing your data protection responsibilities with e-shot

What is GDPR? 

The GDPR, or General Data Protection Regulation, is a European privacy law that went into effect in May 2018. It regulates how personal data of individuals in the EU can be collected, used, and processed. The law impacts European companies, businesses that target European individuals, and those that collect, use, or process the personal data of European individuals. This means the GDPR will apply to most organizations that process personal data of EU individuals—regardless of where the business is established and where their processing activities take place.  

The DPA 2018 enacts the EU GDPR’s requirements in UK law. The UK government has also issued a statutory instrument – the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 – which amends the DPA 2018 and merges it with the requirements of the EU GDPR to form a data protection regime that will work in a UK after Brexit. This new regime will be known as ‘the UK GDPR’. 

As of 1 January 2021, the UK GDPR together with the amended DPA and PECR will comprise the personal data protection legislation in the UK. 

How does e-shot help to make data compliance easier for you? 

There are several ways we help to make data compliance easier for you as the e-shot user, these have been outlined below. 

Fully customisable forms: e-shot allows you to create your own sign-up forms which comply with data protection requirements (such as having a visible privacy policy). Using a sign-up form allows you to collect granular consent with ease and have it automatically populate your contact data into e-shot, whether you are using a sign-up form or our API.    

Double-opt in process: Forms you create within e-shot allow you to enable a double-opt in process, meaning contacts that sign-up must confirm they wish to sign up begore they are added into e-shot. Use of double-opt in forms is considered best practice for data collection. 

Managing contacts: Our comprehensive contact records show when someone opted in to receive emails from you, so you can prove consent and modify or remove personal information any time you need to.   

Protected unsubscribe: Once a contact unsubscribes from your emails, e-shot will manage and honour that even if that contact’s email address is deleted and re-imported into e-shot again. 

Allowing contacts to manage their own details: e-shot allows subscribers to manage their subscriptions to you using a preference centre. By enabling your contacts to edit their own profiles through a preference centre, they can not only keep their segmentation accurate by selecting what they are interested in, they can also update key personally identifiable information.   

Keeping relevant records: An important part of the GDPR is being able to demonstrate your compliance. e-shot is unique in recording all the information that is relevant to each contact; from the initial subscription date, opt-out information and any relevant interaction throughout the contact's activity.   

Account security: Admin users can restrict access of other users to the elements of e-shot that they require for their role. In addition to this, Multi Factor Authentication (MFA) or restrict to log in via Microsoft’s Single Sign On (SSO) can also be enabled for the account's users. 

Quickly respond to data requests from your contacts 

 Right of access: You can export data about individual contacts from your e-shot account, which can help you prove consent and fulfil subject access requests (SAR). Access to this function can be restricted to specific users. N.B. As an organisation legally, you have one month to comply with a SAR, so e-shot have made it as easy as possible for you to comply.  

Right to be forgotten: You can delete contacts from your e-shot account at any time. And when someone is removed from your contacts, we anonymise their data in your reports, so you stay compliant without losing any audience insights.  

Right to object: If a contact objects to you processing their personal data, you can remove/unsubscribe them from your account at any time.   

Right to rectification: You can correct or complete contact information at any time. Your contacts can even edit their own information via a preference centre form. 

Right of portability: You can export any of your contacts, or selected information within any list, at any time in your e-shot account.