Yes, but first it’s important to know that with the entry of the GDPR in 2018 nothing has changed about the legislation regarding direct marketing e-mail marketing. There is a lot of change in terms of data editing and updating of data. In this matter al our data sources are GDPR compliant.
BoldData uses legitimate interest as the legal ground for our data processing, we always secure this by performing a balancing assessment, that verifies and balances our interest to process the data versus the individual’s right to privacy. In general terms, this is what the balancing assessment consist of:
• A description of BoldData’s legitimate interest and an evaluation if the data processing is necessary and proportional for the purpose we have.
• The impact on the individuals and if they reasonable expect what will happen to their data, as well as how sensitive data is, how much data is used and how it is processed;
• Additional safeguards we have put in place which could limit the impact on the individuals, such a data minimization, privacy enhancing technologies; increased transparency, the right to opt-out, and data portability.
The record of the balancing assessment is saved, so that we can demonstrate the considerations we have made. When doing the balancing assessment, we require that all requirements for the individuals’ rights are fulfilled. We also undertake technical and organizational measures to secure the individuals data.
As soon as you order the data and save it in Excel files or enter it in another application, you become responsible for the data. In doing so, you must comply with the rights of those involved as described in the GDPR. If you are going to practice an active approach (direct marketing); also take the local telecom legislations into account.