It’s been almost a year since the General Data Protection Regulation (GDPR) came into force, and although the dust has settled somewhat, the stringent rules of this E.U. legislation are ever present.
What data protection rules does the GDPR enforce?
You must have a GDPR-approved legal ground for collecting personal data in the first place. For marketing communications, this basis is usually “consent”.
In this case, you’ll need to capture data in such a way that allows you to gain explicit consent, for example, through an “opt-in” box. You should have verifiable proof of that consent, such as a timestamp which shows the subscriber’s location, and the date/time of when consent was given.
Once you’ve obtained legal consent, you must only use the data for the specific purpose you’ve identified. Should the subscriber ever want to see what data you’re holding about them, or get themselves removed from your database, you’re obliged to meet these requirements.
Additionally, data storage systems should be robust and secure, especially when data is being transferred out of the E.U.
As an online store, you need to be able to contact your customers or prospects with promotional offers or other information that they might be interested in, to encourage future sales and business growth.
The strict GDPR rules puts the emphasis on you, as the data controller, to handle customer data transparently, and put the correct procedures in place to protect data.
That means making sure that any systems you use for capturing data or sending out communications are also GDPR compliant. Finding a data management system that works for your business, which is also cost-effective, can prove challenging.
How Firepush helps with GDPR compliance
Firepush is a powerful, fully-automated remarketing tool that allows you to send instant clickable messages to existing and potential customers through web push notifications. Messages are sent via the subscriber’s web browser, so they’ll receive your content even if they’re browsing a completely different website at the time.
Limited personal data captured
When someone signs up to receive Firepush web notifications, they’ll simply “opt-in” via their browser through a click of their mouse. They won’t have to submit their name or email address when doing so. The only personal data captured is the subscriber’s IP address and their location.
Allows for explicit and verifiable consent
With Firepush, you can use a double opt-in form for peace of mind that your subscribers are clear about what they’re signing up for. This app also collects the time and date for when consent is given, and the source of the consent form, in case proof is ever needed.
Subscriber data removal
Firepush allows you to remove or “forget” individual subscribers as and when needed, the latter function complying with the subscriber’s right to be forgotten. A bulk delete option is also available too.
No data transfers outside the E.U.
All Firepush’s servers are based inside the E.U. and are GDPR compliant. Because we already adhere to higher standards of data protection, we’re not required to apply for Privacy Shield Certification.
A smart, cost-effective remarketing tool you can rely on
Firepush web push notifications helps you to engage with your customers or prospects by sending timely marketing and customer service communications to attract them back to your online store.
Moreover, Firepush is a GDPR compliant system, that you as a data controller can use with confidence. Learn more about the benefits of Firepush, plus pricing options on Shopify.