ShortStack and the General Data Protection Regulation (GDPR)

Below is an overview of the GDPR, its relevance, and the steps ShortStack has taken to ensure compliance. 

What is the GDPR?

The General Data Protection Regulation (GDPR) is a set of data protection laws established to replace the European Union's (EU) previous data protection directive from 1995. It addresses modern changes in data collection and usage over the past two decades.

What Has ShortStack Done to Become Compliant?

To assist users in obtaining proper consent when sending emails through our platform, we've introduced the following tools:

1. Double Opt-in Confirmation Links in Emails: Users can now include double opt-in confirmation links in autoresponders, scheduled emails, and follow-up emails, facilitating explicit consent as required by GDPR.

2. Require Double Opt-in to Receive Emails: Company Profiles can be configured to ensure that only individuals who have double opted into your mailing list receive emails associated with that profile.

For guidance on implementing the double opt-in process, refer to our help document.

To uphold individual rights as outlined by the GDPR, we've implemented:

1. Customizable "From Email Address" Field: Allows recipients to respond directly to your emails, facilitating inquiries about data usage and enabling requests for data updates, transfers, or deletions.

2. "Unsubscribe" Link in Email Footer: Every email includes an Unsubscribe link, permitting subscribers to opt out at any time.

3. Search Tool for Locating User Data: Enables you to find individuals within your lists, update profiles, provide collected information upon request, and delete data entirely.

4. Updated Privacy Policy and Security Information: Our revised policies inform individuals about data usage and storage practices.

5. Data Protection Addendum (DPA): Available upon request by emailing contact@shortstacklab.com.

6. Platform Audit: We assessed all areas of the ShortStack platform to identify and remove or anonymize non-essential personal data.

7. Data Deletion Process Audit: Ensured that all non-essential data is properly destroyed.

8. Two-Factor Authentication: Added as an option for ShortStack accounts to enhance data protection.

9. Adding Opt-In Checkbox Fields to the Form Designer: Ensures that only individuals who check this box receive the double opt-in link to join your mailing list.
10. Double Opt-In Indication Within Lists: Provides a visual indicator of entrants who have opted into your list, aiding in list management and data exports.

For more information on how ShortStack handles your data, read our Privacy Policy. If you have further questions, please email us at theteam@shortstacklab.com.