As you’re probably aware, new personal data security regulations are being introduced in all European Union countries on 25 May 2018. The General Data Protection Regulation (GDPR) strengthens the rights of the individual over the personal data that they provide to you. The GDPR is the most comprehensive such regulation yet, so if you’re doing any sort of business with anyone based out of the European Union, then you will need to ensure you’re compliant. Failure to do so can incur a hefty penalty - up to 4% of your global revenue!
As a global market leader, with offices, development centers, and customers on three continents, including the EU, Zift Solutions places great importance on data security compliance, and features that support the need of international businesses. We have reviewed both our data processing procedures and our product features to ensure that we continue to provide the best possible service to you.
Our products support your data privacy requirements by design, and most of the requirements for GDPR compliance are already included in our Zift123 product. We’ve also added new features and processes to ensure we’re playing our part to meet GDPR compliance. These features include, but are not limited to:
- Each of our personal data capture forms across all landing pages and showcases will include a message informing the visitor how their data will be stored prior to submitting their details.
- Right to be Forgotten - Individuals (contacts) can request that their personal information be anonymized using Control My Data. After providing their email address, individuals will have the option to either anonymize the information or unsubscribe from being contacted.
- One-click unsubscribe links across all of our marketing emails, making it easy for individuals to manage their consent
- ISO-27001 and SOC-2 compliant processes to ensure your data is managed as securely as possible
- Protected Personal Data - The new My Downloads section in the User Profile, protects personal data. Only logged-in, identifiable users can access data. Personal data is not going out in emails.
ZIft Marcom Application
- Partner Terms and Conditions - you can view the status of partner acceptance of the Zift123 Terms & Conditions on the Partner Details page.
- To request access to personal data for an individual, contact firstname.lastname@example.org. Users are not charged for data deletion or access requests.
- In the unlikely event of a personal data breach occurring, Zift will notify affected countries’ supervising authorities within 72 hours.
Zift123 Application Terms and Conditions
You may have noticed a change to Zift123’s Terms and Conditions for partners. No need to fear, we’ve just updated it to adhere to the upcoming European Union’s GDPR – General Data Protection Regulation – rollout, which comes into effect on May 25th, 2018.
We’ve made these changes to outline both your company’s, as well as Zift Solutions’ responsibilities and compliance obligations when it comes to maintaining the privacy and security of all customer data. The key changes are:
- Updated: Additional Terms Applicable to Personal Data Subject to GDPR, Role of Parties section - Company shall process personal data in compliance with all laws applicable to it as a Processor of Personal Data, including GDPR and the e-Privacy Directive or its successor regulation.
- Updated: Additional Terms Applicable to Personal Data Subject to GDPR, Processing Scope and Duration section - ...analytics information, such as cookie IDs, internet usage, and engagement with communications;...
- Use of Data – your contacts remain the sole ownership of your company, and will not be shared with any other third party. We’ll only use your data to solely provide services to you, and only with your permission, transfer data to a third party who will provide the same services to you.
- International Data Transfer – your company is classified as the “data controller”, in which case, it’s your company’s responsibility to ensure you have the necessary permissions to store each of your contact’s information. We as a “data processor” need to ensure we maintain the security of your contact data accordingly.
The changes noted above are just the highlights. Be sure to review the full Terms and Conditions here to make sure you understand it. You can request electronically signed copies of the Zift Terms and Conditions for your records by submitting this request form.
Questions? Email us at email@example.com
- Updated: Partners can request that their personal information be anonymized using Control My Data. After providing their email address, individuals will have the option to either anonymize the information or unsubscribe from being contacted.
Updated: Additional Terms Applicable to Personal Identification
Additionally, as a Data Processor, we have provided policy information that you can include in your own website's policy statement.
You may stop communications using the opt-out feature included in the messages and prevent the storage of cookies using browser settings.
Frequently Asked Questions
Q: How can my partner access and update their personal data?
A: Partners can update their partner information in Zift123 via Settings > Company Profile
Q: How can a supplier user view and update their personal data?
A: Supplier email information is stored in ZiftAdmin. To request a change, please contact firstname.lastname@example.org
Q: How can an agency user view and update their personal data?
A: Agencies can update their partner information in Zift123 in the same way as partners, via Settings > Company Profile
Q: How can I stop processing data related to an individual, at their request?
A: Any individual can use the unsubscribe link provided in emails. Alternatively, you can manage their subscription status. Here are links that explain how to do this.
Q: How can I view which contacts or leads have unsubscribed to marketing efforts?
A: Zift123 users can view contact and leads that have unsubscribed on the suppression list. Zift123 > Settings > Suppression List
Q: How do I add an Unsubscribe link to Marketing Communication?
A: The links below explain how to provide an Unsubscribe Link into a “Create your own Mailing” in Zift123
Q: How can I review my partners’ consent to the Zift123 Terms and Conditions?
A: Suppliers can filter to see which partners have or have not accepted the Terms and Conditions of Use using the new filtering option, Terms and Conditions, in Advanced Filters, Partners > All Partners > Advanced Filters.
Q: How can I export the personal data relating to a marketing contact?
Q: How can I request the anonymization of personal data, based on a request from an individual?
A: Any requests for anonymization of personal data can be made by clicking Control My Data and providing the individual's email information. You will be prompted to select anonymize the information or unsubscribe from being contacted by suppliers.
Q: How can I request database export at the end of the contract?
Partners are instructed to export their data in the shut-down messages to them. If they are unable to export their data or have questions they can contact their Zift point of contact or our Support Team for help with exporting data. Contact email@example.com if necessary. When a request is received, the Support Team will forward it to the appropriate development resource. The export of your data at the end of a contract may take up to 30 days. If you are ending your contract, please place a request for data export at the same time you notify us that you will be ending your contract.
Q: How can I request that my data be deleted?
A: Contact the Support team, firstname.lastname@example.org.When a request is received, the Support Team will forward to the appropriate development resource. The process of deleting employee logins/emails, collateral, and analytical data may take up to 30 days. If you are ending your contract, please place a request for data deletion at the same time you notify us that you will be ending your contract.
Note: Suppression lists cannot be deleted. Distributed and registered leads are considered to be shared data between the partner and supplier and will require the permission of both parties to delete the data.