Mailivery and the GDPR
Privacy and Security Contact
Arnie Nobleza
gdpr@mailivery.io
2206 N Main Street Suite 183
Wheaton, IL 60187
As part of our ongoing efforts to protect the security and privacy of our users, we are working to meet or exceed the GDPR (General Data Protection Regulation). This site contains information on what steps we are taking, their progress, and who to contact for any security concerns. Please see our FAQ for more information.
Data Processing Partners
We rely on a number of trusted 3rd parties to assist with our operations. Depending on the exact nature of your account and what you've requested we do, your data may be shared with one of these partners. We carefully evaluate each to make sure they're handling your personal data with the utmost of respect, security, and privacy.
| Services | ||||
|---|---|---|---|---|
| Partner | Locale | Data Shared | Purpose | |
| Amazon |  |
IP Address | This site is hosted on Amazon AWS EC2 Infrastructure. |
|
| CDN JS | |
IP Address | CloudFlare's CDN with popular javascript frameworks available. |
|
| Cloudflare | |
IP Address | Automatically optimizes the delivery of your web pages so your visitors get the fastest page load times and best performance. |
|
| Digital Ocean | |
IP Address | SSD VPS hosting environment. |
|
| Facebook Custom Audiences | |
IP Address | Custom Audiences from your website makes it possible to reach people who visit your website and deliver the right message to them on Facebook. |
|
| Facebook Domain Insights | |
IP Address | This website contains tracking information that allows admins to see Facebook Insights out of Facebook to this domain. |
|
| Facebook Pixel | |
IP Address | Facebook Pixel is Facebooks conversion tracking system for ads on Facebook to websites. |
|
| GetGist | |
IP Address | Gist is email marketing automation, live chat and help desk software. Previously ConvertFox. |
|
| Global Site Tag | |
IP Address | Google's primary tag for Google Measurement/Conversion Tracking, Adwords and DoubleClick. |
|
| Google Analytics | |
IP Address | Google Analytics offers a host of compelling features and benefits for everyone from senior executives and advertising and marketing professionals to site owners and content developers. |
|
| Google Apps for Business | |
IP Address | Web-based email, calendar, and documents for teams. Renamed to Google Apps for Work, but now known as G Suite from Google Cloud. |
|
| Google Font API | |
IP Address | The Google Font API helps you add web fonts to any web page. |
|
| Google Hosted Libraries | |
IP Address | Google Hosted Libraries is a globally available content distribution network for the most popular, open-source JavaScript libraries. |
|
| Google Hosted Web Font Loader | |
IP Address | Web Font Loader hosted at Google. |
|
| Google Optimize 360 | |
IP Address | Test different variations of a website and then tailor it to deliver a personalized experience that works best for each customer and for your business. |
|
| Google Tag Manager | |
IP Address | Tag management that lets you add and update website tags without changes to underlying website code. |
|
Compliance Tasks
GDPR Compliance requires maintenance and ongoing work. We are tracking our efforts here.
| Application Site Security | |
|---|---|
| Status | Name |
| Completed | SSL (TLS) Deployed on App Site |
| Completed | Personal Data in File Storage is Encrypted |
| Completed | Personal Data in Databases is Encrypted |
| Completed | Establish Stale Data and User Policies |
| Completed | Affirmative Consent mechanism added to User Signup |
| Completed | HSTS (HTTP Strict Transport Security) added to SSL/TLS of App Site |
| Completed | Ensure Backups are Stored in on Encrypted File Storage |
| Completed | Establish Development Environment Data Handling Guidelines |
| Completed | Ensure internal employees and contractors behaviors around personal data are documented. |
| Privacy Procedures | |
|---|---|
| Status | Name |
| Completed | Nominate a Data Protection Lead or Data Protection |
| Completed | Get Management Approval for GDPR Efforts |
| Completed | Process established for subject data requests |
| Completed | Procedure established to allow for people to request that inaccuracies in their data are fixed. |
| Completed | Developed a Data Processing Agreement |
| Completed | Informed all Employees and Contractors about GDPR Compliance |
Frequently Asked Questions
If you have any concerns not answered here, please reach out to our contact (listed above) and we'll be happy to assist.
Do Non EU Companies need to comply with the GDPR?
While it remains to be seen if the EU has the legislative power to levy fines and enforcement against organizations around the globe, GDPR compliance is being sought by non EU companies for a variety of reasons.
- Customers and Prospects are making it a requirement
- It's a solid framework for improving the handling of personal information and complying with the GDPR requirements improves our own security.
How Do I Report a Security Issue?
We take all security reports seriously. Please email our security contact (information listed above) with any information you have regarding any potential data breaches, vulnerabilities or concerns.
What's the GDPR?
The General Data Protection Regulation (GDPR) is a new piece of privacy legislation enacted by the European Union. It represents a significant change in how personal (IP Addresses, Emails, Names) and sensitive (religion, ethnic origin, health, orientation) data is handled by companies.