SpamHero has always taken data protection very seriously and was among the first companies to take the necessary steps to comply to the General Data Protection Regulations (GDPR) before the May 25, 2018 deadline. Steps we have taken include, but are not limited to:
In light of the recent decision by the Court of Justice of the European Union to invalidate Privacy Shield as an appropriate safeguard for transferring data outside the EU, our data processing addendum has been updated (as of August 27, 2020) to now include the Standard Contractual Clauses as set forth by the EU Commission for safeguarding such transfers. As of April 14, 2021, we withdrew from the Privacy Shield program. Clients that obtained a signed data processing addendum from us before Auguust 27, 2020 may wish to obtain an updated addendum that include the Standard Contractual Clauses.
GDPR compliance is not a "do once and you're done" type of thing. We will be conducting an annual GDPR audit to identify areas where we can improve and continue to monitor updates to the GDPR.
If there are specific things that SpamHero can do to assist you in your GDPR compliance efforts, please contact our support team and let us know.