Users of Mailtrack, as data controllers, are responsible for processing the personal data of the recipients of the emails sent through our services, according to applicable data protection regulations. This includes managing their recipients´ data rights. Mailtrack, as a data processor, is committed to assisting users with these duties.
1. Legal Basis for Processing Personal data
In order to process personal data of recipients (e.g. email tracking data), it is necessary to have a legal basis. The most common legal basis for this type of processing is consent. In this regard, please note that Mailtrack offers a feature that allows users to send a “Consent Request” email to recipients to ask for consent. Learn more about sending consent requests.
The users of Mailtrack, as data controllers, are the responsibles to manage the relevant legal basis for the processing of their email recipients´ data as applicable.
Please note that consent is not the only legal ground for the processing of personal data, as there are others such as the performance of a contractual relationship, the fulfillment of a legal obligation or a legitimate interest. Also, in most of the cases the user shall have to inform the data subject about the processing; but this must be assessed by the user of Mailtrack on a case by case basis bearing in mind the particularities of the processing and the relationship with the recipient of the email. Mailtrack is not in a position to provide any assessment in such regard.
2. Proof of Consent or Legal Basis
As data controllers under GDPR, the users should keep records of proof of the relevant legal basis for the processing of their recipients´ data processing through our services, such as the consent. For such purpose, Mailtrack provides a feature that allows its users to keep track of and record the legal basis or consent status of each of their recipients to demonstrate compliance with GDPR requirements
3. Right to Withdraw Consent
According to GDPR, if the legal basis for the data processing is consent, it is the user´s duty as a data controller to permit recipients to withdraw their consent easily at any time. Mailtrack automatically includes an unsubscribe link in all the emails to help the user fulfill this duty. Learn more about unsubscribe links.
4. Deletion of personal data
As a data controller under GDPR, the user must comply with data deletion requests without undue delay. Mailtrack provides various options to assist the user in deleting recipients´ data. Learn more about how to delete recipient data.