Data Compliance

Full Data Compliance Guaranteed for The OptinCheckBox enterprise B2B database

GDPR & ePrivacy Directive/PECR Compliance
The OptinCheckBox is fully compliant with the GDPR in our collection, security, maintenance, sharing and control of personal information.
We are also compliant with the ePrivacy Directive/PECR and the draft version of the upcoming ePrivacy Regulation.
This means you may receive and fully utilise the email addresses, phone numbers and Postal addresses held in our B2B contact database for the purpose of direct marketing communications.
ePrivacy Directive/PECR Compliance
Issued by the EU in 2002 to call for consent to be required for marketing communications via email, post and telephone.
Required individual countries to pass their own laws. UK law (PECR – Privacy & Electronic Communications Regulations 2003), requires consent solely for consumer addresses, business email addresses are subject to opt-out only.
We gain consent from each data subject to SHARE information about them with our clients for them to send marketing communications to them via email.
GDPR & UK, Post Brexit
GDPR replaced the 1995 EU Data Protection Directive (European Directive 95/46/EC), strengthening the rights that EU individuals have over their data, and creating a uniform data protection law across Europe.
The UK government has made it clear that the GDPR will continue in force if the UK leaves the EU.
Our Compliance Processes

Our processes demonstrate how we are compliant with the GDPR and ePrivacy rules as well as our philosophy of total respect for each data subject and their rights.

Identify:
We identify new contacts to add from numerous sources.
Verify
We employ a rigorous methodology to verify a fully accurate profile.
Consent
We obtain consent for us to share a contact’s professional contact information with our clients for marketing communications, including via email.
Inform
All of the details are confirmed in an email. Any revisions to information or permission provided by the contact are applied immediately upon receipt.
Remind
We remind the contact that their information is within our service and being shared with our clients for the stated purpose. It also reminds the contact how to opt out should they at any point wish not to continue.
Our Key Principles of Compliance
Transparency

The rules call for the contact to be informed clearly and transparently that their contact information is being processed, the purpose of that processing, the identity of anyone with whom it will be shared, how long the data will be kept and how to opt out etc. We provide all this information to each contact on the telephone and via email and we provide it again every six months.

Opt-out

Both GDPR and ePrivacy impose strict obligations to honour any subsequent opt-outs fully and promptly. We provide each individual with clear details of how to withdraw consent. Immediately any such communication is received, it is actioned and the information is then no longer visible. In addition, each client that has received that information is advised that the information should be promptly removed from their files and we follow up with each client to ensure removal has been actioned.

Security & Control

GDPR mandates that organisational and technical measures be in place to protect information from loss, damage (accidental or malicious) and unauthorised disclosure. It also requires us to be fully knowledgeable and aware of all actions against the information. Our rigorous security protocols ensure that we comply fully.

Accuracy

A key requirement of the GDPR is that the information that is processed must be accurate and it must be maintained so that it remains accurate. We focus considerable energy, effort and management attention on ensuring the utmost accuracy, completeness and recency of the information which is reverified at least twice per year. As soon as we are aware that our information may be outdated, we suppress the contact from all use until the information can be brought up to date. Once we become aware that communications by our clients would no longer be relevant, the information is removed.

Access Requests

We maintain a single database and, thus, responding to a data subject access request is simple, straightforward and rapid. The only information held is professional detail sufficient to enable communications relevant to that individual. Every update performed to a record is permanently logged which enables us to provide details the source of each value held. Every access by a client is permanently logged which enables us i) to identify every organisation with whom the information has been shared and ii) in the event of an opt-out, to ensure effective removal by each client.

Is your data TPS & CTPS compliant?

Steer clear of making unsolicited calls to numbers registered on the Telephone Preference Service (TPS) or Corporate Telephone Preference Service (CTPS) and subsequently avoid risking fines.

How The OptinCheckBox’s realtime TPS & CTPS checking removes your risk
CAN-SPAM compliance is absolutely critical to a healthy email program.
We Manage our Opt-outs
Our partners honor opt-outs too!
The unsubscribe link
Up-to-date mailing Address
We Evaluate the email content

Learn more about our data solutions for marketing.

Translate »