DMP’s GDPR Policies
The European Union General Data Protection Regulation (GDPR) contains procedures establishing how companies doing business in the EU must handle the personal data of European subjects. GDPR does not only specify the responsibilities for ensuring the privacy and protection of personal information but also offers certain rights to those who are the target of outreach marketing campaigns. In addition, GDPR empowers regulators to demand accountability and, in the case of noncompliance, impose onerous penalties. GDPR takes effect May 2018 and it will mostly affect email marketing efforts.
Direct Marketing Partners is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.
Direct Marketing Partners may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from [date].
DMP’s GDPR compliance policies are as follows:
Permissions and Consent
Data will not be processed unless a “legitimated interest” has been established and explained to the data target. This generally means that a prior relationship exists. When it does not, continuation of contact is conditional to obtaining permission to do so. In both cases a clear opt-out mechanism will part of the communications. Consent steps will be documented and can be withdrawn at any time by the prospect.
Targeted contacts have the right to know what personal data DMP has about them and what the intended use for this data is. You have the right to ask us for a copy of all your personal information that we hold. To make this ‘subject access request’, please write to the following address and include a fee of $13.50 US (or the equivalent of £10) as set by the Data Protection Act 1998 to cover an organization’s handling costs.
Data Processor Officer
Direct Marketing Partners
2045 Hallmark Dr. #5
Sacramento, CA 95864 USA
If requested DMP will correct, not process or delete individual personal data.
Legality and Transparency
Data will be only processed on a legitimate purpose basis with the knowledge of the personal data owners. Personal data will be:
- managed fairly and lawfully
- processed for one or more specified and lawful purposes, and not further handled in any way that is incompatible with the original purpose
- adequate, relevant and not excessive
- accurate and, where necessary, kept up to date
- held for no longer than is necessary for the purpose for which it is being used
- processed in line with an individual’s rights
- kept secure with appropriate technical and organizational measures taken to protect the information
- not transferred outside the European Economic Area (the European Union member states plus Norway, Iceland and Liechtenstein) unless there is adequate protection for the personal information being transferred.
What We Collect
We may collect the following information:
- name and job title
- contact information including email address
- preferences and interests
- other information relevant to customer surveys and/or offers
What We Do with the Information We Gather
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
- Internal record keeping.
- We may use the information to improve our products and services.
- Understand what information or offers relevant to our services/offerings you may find interesting. (You may always opt out.)
Data Use Purpose and Storage
Data will be used only for the expressed use for which it was collected and will be deleted after the completion of the related project. In our communications with prospects, DMP will:
- Tell them who we are and whom we represent
- State how we will use their information
- Ensure we are using their information fairly, including how we will be contacting them in the future, such as by post, phone or email
- Inform them DMP does not share data with third parties unless authorized
- Signed consent will be recorded
Personal Data Breaches
If and when they occur they will reported to the regulator and the prospect within 72 hour of the breach.
Privacy and DataTransfers
Protocols are in place at both the technical and management level to ensure the protection and integrity of personal data every time personal data is transferred within the company or to an outside group.
Traffic log cookies will be used only to identify which web pages are being visited. This helps us analyze data about web page traffic and improve our website in order to tailor it to customer needs. We solely use this information for statistical analysis purposes and then the data is removed from the system.
Links to Other Websites
Data Correction, Deletion and Blocking
In conformity with the instructions of the Controller, DMP is obliged to provide services that can delete, and/or block the data processed. If a data subject refers to DMP for the purpose of correction or deletion of his/her personal data, we are obliged to inform the Controller and pass the request to the Controller within an agreed time period.
DMP’s Control Obligations
As Processor, DMP has appointed a responsible person for data protection compliance (Data Privacy Officer): Jose da Costa.
(last updated 5.18.18)