GDPR's enforcement date (May 25, 2018) is just around the corner and businesses around the world are getting ready to be GDPR compliant.
If you work with customers from the EU, you should be too. Metrilo is a marketing platform that will respect that and help you make your store compliant.
At Metrilo, we've always been rigorous about protecting your and your customers' data. GDPR is not really a big change in terms of how we take care of your data as we already use cutting-edge technologies and policies to protect it.
While GDPR's exact requirements for compliance are somewhat broad, there are a few things that are pretty clear at this point.
Metrilo is a data processor according to GDPR's definitions. Your business is a data controller. Your customers are data subjects.
Here are the steps we're taking right now, with more coming as things get clearer in the tech and legal areas:
Prior to May 25th, we'll sign a data processing agreement with you so that we can process your data subjects' data on your behalf.
Data Portability - your contacts can request the data you have stored about them. In Metrilo, you have full access to it and we'll help you compile it to fulfil the data subject's request.
Consent* - your shop visitors will have the option to decline processing of their data for marketing and analytics purposes by Metrilo. We will respect their choice and will not store their personal data.
Data Encryption - Metrilo encrypts all data to the latest industry standards. Encryption is applied both in storage and at all processing layers.
A Data Protection Officer will be appointed by our team.
All of our third-party service providers (Microsoft Azure, Google and Mailgun) will be GDPR compliant by May 25th.
*It's still unclear how most eCommerce platforms will handle consent for marketing purposes. There are already a few additional plugins, like WPGDPR (for WP and WooCommerce), but we have yet to see what the industry standard for consent will be and whether the eCommerce platforms will handle it themselves. Metrilo will integrate with those official consent mechanisms to ensure full GDPR compliance for your marketing.