Full Data Compliance Guaranteed for The OptinCheckBox enterprise B2B database
Our processes demonstrate how we are compliant with the GDPR and ePrivacy rules as well as our philosophy of total respect for each data subject and their rights.
The rules call for the contact to be informed clearly and transparently that their contact information is being processed, the purpose of that processing, the identity of anyone with whom it will be shared, how long the data will be kept and how to opt out etc. We provide all this information to each contact on the telephone and via email and we provide it again every six months.
Both GDPR and ePrivacy impose strict obligations to honour any subsequent opt-outs fully and promptly. We provide each individual with clear details of how to withdraw consent. Immediately any such communication is received, it is actioned and the information is then no longer visible. In addition, each client that has received that information is advised that the information should be promptly removed from their files and we follow up with each client to ensure removal has been actioned.
GDPR mandates that organisational and technical measures be in place to protect information from loss, damage (accidental or malicious) and unauthorised disclosure. It also requires us to be fully knowledgeable and aware of all actions against the information. Our rigorous security protocols ensure that we comply fully.
A key requirement of the GDPR is that the information that is processed must be accurate and it must be maintained so that it remains accurate. We focus considerable energy, effort and management attention on ensuring the utmost accuracy, completeness and recency of the information which is reverified at least twice per year. As soon as we are aware that our information may be outdated, we suppress the contact from all use until the information can be brought up to date. Once we become aware that communications by our clients would no longer be relevant, the information is removed.
We maintain a single database and, thus, responding to a data subject access request is simple, straightforward and rapid. The only information held is professional detail sufficient to enable communications relevant to that individual. Every update performed to a record is permanently logged which enables us to provide details the source of each value held. Every access by a client is permanently logged which enables us i) to identify every organisation with whom the information has been shared and ii) in the event of an opt-out, to ensure effective removal by each client.
Steer clear of making unsolicited calls to numbers registered on the Telephone Preference Service (TPS) or Corporate Telephone Preference Service (CTPS) and subsequently avoid risking fines.