How to create GDPR-compliant email disclaimers
The introduction of the General Data Protection Regulation (GDPR) led to unrest and uncertainty in many companies. At the last minute, pop-ups on websites, hastily printed information sheets and rushed data protection declarations paved the rocky road that led to Day X – 25 May 2018. On that day, the GDPR became a binding and crucial part of the data protection framework in the European Union. Since then, email communication has also been subject to special requirements, as Chapter 13 of the GDPR must be taken into account in the form of correspondingly adapted email disclaimers.
What does Article 13 of the GDPR state?
Article 13 of the GDPR deals with the rights of the persons concerned, in particular with the duty of the person responsible to provide information to the person whose personal data are collected. If one leaves aside the criticism of the implementation of the GDPR in this area, the GDPR can be seen as a good opportunity to assume responsibility for better protection of privacy and improved security.
Basically, the GDPR only confirms in this article the right of the person concerned to be informed about which data are collected and how these data are processed:
- Information on the nature of the data collected, such as the name and contact details of the responsible person, the purposes for which the personal data will be processed or the legal basis for the processing.
- Information concerning the processing of the data and the rights of the person concerned, for example the duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration or the right of access by the person concerned to the personal data.
Implementation through linking
Adding all mandatory contents from Article 13 GDPR to email disclaimers is problematic due to the amount of such information. A more practical solution is the so-called link solution, which allows you to use a Deep Link to refer to a special page containing all the necessary information on the type and processing of the data. The term Deep Link refers to the fact that the linked website is only to be found by the persons who clicked on the corresponding link. For example, it should not appear in the menu of your website and should not be indexed.
Manage GDPR-compliant email disclaimers
The information required by the GDPR is extensive but important. However, the implementation of the requirements is often difficult because no central administration of email disclaimers is possible. Often IT departments are responsible for this administration and do not meet the requirements which may come from other departments such as marketing. Not only do they miss opportunities to use the email disclaimer for marketing purposes, they also jeopardize the legal security of the entire organization. Especially when it comes to the GDPR, it is crucial to be able to guarantee uniformity and topicality of the disclaimers.
Guarantee legal compliance with NoSpamProxy Disclaimer
In many companies, the disclaimer function of email clients or email servers is used, for example Microsoft Outlook or Microsoft Exchange. It is up to the users to implement the given texts or the graphic design correctly. In order to guarantee conformity with the GDPR and thus legal certainty, however, there is no room for interpretation. NoSpamProxy Disclaimer enables the central administration of email disclaimers and thus guarantees company-wide conformity with the GDPR.
In this way, you also ensure that other mandatory contents such as the complete company name, a summonable address and the correct company name including a reference to the imprint are present in all emails of your company. A quick tip: If the signature contains elements such as large-area or animated banners with direct advertising messages, you need the prior consent of the recipient in any case.
Can the GDPR be used as a marketing tool?
On the bright side, by complying with the GDPR you are doing something very positive, see above, responsibility. Even more positively, you show your communication partners that they can trust you and that the protection of the personal data processed by you has priority for you. Perhaps you will round the whole thing off with a smart GDPR conformity labelling and turn a mandatory statement into a tiny bit of marketing.
Provide mandatory GDPR information as templates
NoSpamProxy Disclaimer is controlled via a web interface that allows authorized groups or departments to independently manage, design and modify email disclaimers. Using templates, email disclaimers and signatures can be created quickly and easily and integrated on the basis of conditions. As a result, they are GDPR-compliant and legally protected and at the same time considerably reduce the workload for your employees.