Features + Support for the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA)
Helping creators earn a living extends beyond our email marketing app. That's why we created several new tools, forms, and support processes to help creators and their businesses get and stay compliant with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Gather consent without cluttering your forms with checkboxes (from everyone or just for visitors within the EU)
This feature—which can be enabled at the account level—redirects visitors to a special GDPR consent page after they subscribe. This way you can have them provide consent without cluttering every opt-in form on your site with checkboxes.
Find your EU subscribers
We’ve built a feature that allows you to specifically select your subscribers within the European Union in the subscriber filter. That makes it easy to find who you still need to gather consent from.
Get consent from existing subscribers
You can combine the two features above to easily get new consent from any existing subscribers within the EU from whom you don’t have consent. Our FAQ page even has a sample message you can start with.
Adding checkboxes inside forms
In our new form builder it is easy to add checkboxes to gather consent from all new subscribers. You can add one or multiple checkboxes and completely customize the text.
We’ve got your back
In addition to the features above to help you with a lawful basis for processing subscriber data, we have internal business processes to help you stay compliant.
Data Processing Agreement
Our Data Processing Agreement (DPA) offers contractual terms that comply with the GDPR, CCPA, and other international and U.S. state privacy laws, and reflect our data privacy and security commitments to our customers. The DPA also applies to those customers processing personal data on behalf of EU/EEA, UK, Swiss, California, and other relevant international and U.S. state individuals. The current version of our DPA can be located at: https://kit.com/dpa
Right to be forgotten
Under the GDPR, CCPA, and other international and U.S. state privacy laws, your subscribers in the EU/EEA, UK, Switzerland, California, and other relevant countries and U.S. states have the right to erasure (or the right to be forgotten), meaning they can contact you and we will delete all of their personal data from our systems.
Getting an audit notice can be a scary process as you try to get all the necessary data together. If that happens to you, we want you to know we have your back and will get you any data we have that can help you comply with the audit. Just fill out the form to get in touch with our audit concierge team.
International Transfers of Personal Data to the U.S.
Kit may use the following to transfer personal data to the United States and elsewhere:
The EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF); or
The Standard Contractual Clauses (SCCs) approved by the European Commission or the International Data Transfer Agreement (IDTA) approved by the UK Government.
Both the SCCs and IDTA are included in Kit’s DPA. Kit’s DPA applies to all customers processing personal data on behalf of EU/EEA, UK, Swiss, California, and other individuals. You can access and review the current DPA here. Kit’s certification to the EU-U.S. DPF can be viewed here.
Questions?
If you have questions on how best to implement these features, take a look at these extensive GDPR & CCPA FAQs we put together.
We’re providing these resources to help you get started, but ultimately you should direct further questions to your own attorney since your business is unique.