How do I make sure I meet GDPR requirements?

GDPR came into effect on the 25th of May 2018

From that date onwards, collection and use of data of a personal nature have been framed within the General Data Protection Regulation (GDPR).

All the information you’ll find on this page is for informative purposes only and is limited to those aspects that apply to our solutions.

What you need to know in terms of obligations

There are few obligations that you’ll need to meet in order to be compliant.

Information

The right to be informed

The right to be informed

People must understand why and for how long their data will be stored
Consent

Obtaining consent

Obtaining consent

It is obligatory to obtain the clear and unambiguous consent of each contact before using his or her data
Erase

Right to opposition and to be forgotten

Right to opposition and to be forgotten

Individuals have the option to request the definitive deletion of their data and may withdraw their consent at any time
Transfert

Right to data portability

Right to data portability

People can retrieve some of their data in a simple format in order to store or transpose them
Limited

Right to limitation

Right to limitation

People have the option of requesting that certain information not be processed

Impact on key marketing processes

What is now prohibited in terms of consent collection

Opt-out: refers to having to opt out after being automatically registered when registering for any service.

Passive opt-in: consists of pre-checking default boxes such as “I want to receive offers” or a drop-down menu that defaults to “yes”.

What is allowed and required

Opt-ins and double opt-ins: to guarantee legally valid express consent, the request must be clear and precise. And creating a second confirmation to opt to receive campaigns is always a good idea!

The unsubscribe link should be clearly visible in every email you send.

Storing of proof of consent: you must be able to retrieve the consent obtained for each individual and this must be done according to the principle of responsibility required by GDPR.

HOW EULERIAN PROVIDES THE SOLUTION IN 4 KEY STEPS

We ensure that Internet users can object at any time to their personal data being processed by Eulerian Technologies.

We provide an unsubscribe link, available on our interface so it can be immediately added to your website. Should you need assistance with this kind of process, our account management teams are here to help.

The “Consent Management Platform” tool allows you to configure the time limit for storage of cookies and the information collected by the cookies within a limit a of 13 months from the moment the user’s consent was collected (or subsequently collected again).

We recommend you keep within this limited cookie-storage period in order to regularly remind your clients of the existence of cookies and to comply with their right to opposition to tracking or their right to be forgotten, should they so wish.

Minimize your unnecessary or outdated data by erasing what you no longer need.

One of the impacts of GDPR on businesses is a new philosophy as regards data, how they are collected and used. We recommend you clear out any inactive contacts or unsubscribed users and any other data you will no longer be using.

Here at Eulerian we have appointed a Data Protection Officer (DPO) who is in charge of GDPR compliance.

To contact our DPO, just send an email to: dpo@eulerian.com

We also recommend you appoint a DPO to manage the process of becoming GDPR compliant.

What we do on a daily basis to comply with GDPR

As an analytics solution provider we are in an ongoing process of staying 100% GDPR compliant. As part of this process, we decided to have our digital solution audited and adapted. All updates were carried out taking into account the concept of “privacy by design”, in other words, by integrating the highest level of data protection from the beginning and with every use.

Our software is built on a secure and regularly-audited technical infrastructure in order to assure the confidentiality and security of your data. We apply the following measures:

Your data are stored exclusively in France on highly secure Eulerian servers

We do not transfer your data overseas

The importing of your data into our software solution is done through an encrypted transmission channel

Access to stored data is limited to a select few Eulerian staff under a strict authorization policy

An incident management policy is implemented to respond immediately to any security incidents affecting the data we process on your behalf

Finally, our staff are aware of and exhaustively trained on GDPR requirements