The General Data Protection Regulation came into force on 25th May 2018 and is designed to protect the privacy of EC citizens, ensure their personal data is not exported outside the EU and give them control of how the data is used. GDPR is also implemented in the UK, post Brexit, and among others in Switzerland, Iceland, Norway, Liechtenstein, New Zealand and Argentina. The legislation covers all entities worldwide that hold data on EC citizens, not just entities resident in the EC.

Under General Data Protection Regulation terminology each of our customers is their own Data Protection Officer and the Data Processor is SpotlerCRM.

SpotlerCRM is fully compliant with GDPR. All data is hosted in the EC and the CRM has multiple GDPR compliance features such as Mailing & Consent Lists. Read our Statement of Compliance.