What does Mailchimp do to comply with the GDPR?
- Appointed a Data Protection Officer (DPO) to oversee our compliance program.
- Continuously review our security measures to ensure any personal data we collect and process on our systems is adequately protected.
- Provide our customers with GDPR-ready terms in our Data Processing Addendum and update our contracts with third party vendors to ensure they are GDPR-compliant.
- Maintain formal processes around data subject rights to ensure we can help customers fulfil requests they receive.
- Complete Data Protection Impact Assessments to identify and minimize any risks from our processing activities.
- Maintain accurate records of our processing activities, both as a processor and controller of personal data.
- Pay close attention to regulatory guidance around GDPR compliance and making changes to our product features and contracts when they're needed.