General Data Protection Regulation (GDPR)
The new EU General Data Protection Regulation ("GDPR") comes into force across the European Union on 25th May 2018 and brings with it the significant changes to data protection law.
Mini Divani Srl is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.
Mini Diavni Srl may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
WHAT WE COLLECT
We may collect the following information:
contact information including email address
demographic information such as postcode, preferences and interests
other information relevant to customer surveys and/or offers
WHAT WE DO WITH THE INFORMATION WE GATHER
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
We may use the information to improve our products and services and offers.
We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.
From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, mail. We may use the information to customise the website according to your interests.
We frequently use Mailchimp to send newsletters and product emails to our customers.
In our emails we provide "unsubscribe" links and "update profile" links so that our customers can view, modify and also delete themselves from our subscriber list.
You can read about how MailChimp GDPR compliance here below
About the General Data Protection Regulation
Updated: May 18, 2018
Copy Article URL
By now, you’ve probably heard of the General Data Protection Regulation (GDPR) and we know you might have a few questions about how to prepare for it. Here’s what we know about how it might affect MailChimp and our users.
This article is provided as a resource, but it’s not legal advice. We encourage you to speak to legal counsel to learn how the GDPR may affect your organization.
What and Who
The GDPR is a European Union (EU) privacy law that will affect businesses around the world when it becomes enforceable on May 25, 2018. It regulates how any organization that is subject to the Regulation treats or uses the personal data of people located in the EU . Personal data is any piece of data that, used alone or with other data, could identify a person. If you collect, change, transmit, erase, or otherwise use or store the personal data of EU citizens, you'll need to comply with the GDPR.
The GDPR will replace an older directive on data privacy, Directive 95/46/EC, and it introduces a few important changes that may affect MailChimp users.
You need to have a legal basis, like consent, to process an EU citizen's personal data. Under the GDPR, you may use another legal basis for processing personal data, but we anticipate that many MailChimp users will rely on consent. This consent must be specific and verifiable.
Verifiable consent requires a written record of when and how someone agreed to let you process their personal data. Consent must also be unambiguous and involve a clear affirmative action. This means clear language and no pre-checked consent boxes.
About Individual Rights
The GDPR also outlines the rights of individuals around their personal data. EU citizens will have the right to ask for details about the way you use their personal data and can ask you to do certain things with that data. You should be prepared to support people's requests in a timely manner. People have the right to request their personal data be corrected, provided to them, prohibited for certain uses, or removed completely.
You should also be able to tell someone among other things, how their personal data is being used. If they ask, you’re obligated to share the personal data you hold on an individual, or offer a way for them to access it.
What is MailChimp doing to prepare?
We've been preparing for the GDPR and modifying many of our internal practices and policies over the last year, because we are committed to achieving compliance with the GDPR in May, 2018. We've updated our Data Processing Agreement and our third-party vendor contracts to meet the GDPR's requirements.
We’re also in the process of building and releasing tools that will make it easier for our users to handle their customer’s data appropriately.
About the EU/Swiss Privacy Shield
Blog: Getting Ready for the GDPR
What can I do to prepare?
MailChimp offers tools related to consent and individual rights to help you comply with the GDPR. We encourage you to consult with legal or other professional counsel about your GDPR preparations.
Transparent data processing is mandatory, and it’s also an opportunity to strengthen your marketing relationships. We’ve updated MailChimp signup forms to help you stay compliant with the latest laws.
If you’re going to rely on consent to process the personal data of EU citizens, the GDPR says you must obtain specific consent from your contacts and clearly explain how you plan to use their personal data. Our GDPR fields include checkboxes for opt-in consent, and editable sections that allow you to explain how and why you are using data.
MailChimp stores your forms and contact data in case you need it in the future. If someone signed up for your list through a MailChimp hosted form, you can export that list and view information related to the signup. For additional evidence of consent, you may choose to turn on double opt-in.
If you rely on consent to process subscribers' personal data, double check whether the consent that you previously obtained meets the GDPR's standards. For example, check third-party integrations to be sure they don't automatically add people to your MailChimp list without an opt-in checkbox that clearly states how you'll use that person's data. You should also review the terms associated with any MailChimp add-ons or third-party integrations you use.
To learn more about permission data, check out Export Proof of Consent
To learn more about using GDPR-friendly forms, check out Collect Consent with GDPR Forms
Understand Individual Rights
All MailChimp users can access their MailChimp lists to correct or update information upon the request of their subscribers. Your contacts can continue to update their own data, too, by contacting us or updating their preferences in any email they receive from you.
We want to help our users prepare for the change, but it’s important to note that the GDPR's provisions could affect your business outside of how you use MailChimp. Here are some additional resources.