General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR)


To safeguard the confidentiality, integrity and availability of data, the OpenMoves platform is hosted on Microsoft Azure. In the US we utilize the East US 2 region, with data backed up to the Central US region. European data is held in the West Europe region, with data being backed up to the North Europe region. All Azure facilities meet a broad set of compliance standards, details of which can be found here. A map showing the Azure data center locations can be found here.

In May 2018, a European privacy law, the General Data Protection Regulation (GDPR), is due to take effect. The GDPR imposes new rules on companies, government agencies, non-profits, and other organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents. The GDPR applies no matter where you are located.

OpenMoves has extensive expertise in protecting data, championing privacy, and complying with complex regulations. We believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights. We want to help you focus on your core business while efficiently preparing for the GDPR.

We are committed to our principles of cloud trust, data protection, and data security. We intend to provide platform functionality to address the privacy demands of our customers. As the GDPR enforcement begins, here is what else you can expect from us:

  • Technology that meets your needs – You can leverage our specific platform functionality to meet your GDPR obligations for areas including deletion, rectification, transfer of, access to and objection to the processing of personal data.
  • Contractual commitments – Relationships with OpenMoves are supported by contractual commitments for our services, including security standards, support and timely notifications in accordance with the new GDPR requirements.
  • Sharing our experience – We will share the information that we gather through various Data Protection Authorities and other reputable organizations so you can adapt what we have learned to help you craft the best path forward for your organization.

While OpenMoves is fully committed to helping you successfully comply with the GDPR, it is important to recognize that compliance is a shared responsibility. New requirements – like greater data access and deletion rules, risk assessment procedures, a Data Protection Officer role for many organizations and data breach notification processes – will mean changes for your organization. When it comes to GDPR compliance, it’s not just European organizations that are affected, but also those outside of the EU who process data in connection with the offering of goods and services to, or monitoring the behaviour of, EU residents. As such, it is important to understand your obligations related to GDPR regardless of where your organization resides.

It will take time, tools, processes and expertise for you to comply with the GDPR. To do this, you need to make changes to your privacy and data management practices.

We want to make it really easy customers to comply with GDPR regulations. You'll start seeing changes soon.

We understand that you must be able to entrust your chosen email and automation provider with one of your most valuable assets - your data. To gain that trust we continue to invest in technology and resources to build security and privacy into our platform. We operate a policy of transparency and aim to provide you with the information you need to feel confident in using us.


    • Related Articles


      FAQs about what OpenMoves is doing as data processor to help our customers comply with GDPR This document is downloadable as a PDF here. General  Is OpenMoves GDPR compliant? Like you and many other businesses, we have an ongoing GDPR program and we ...
    • About the Data Watchdog

      Import clean, reliable, and safe data. The Data Watchdog is a unique checkpoint that is on the lookout for any questionable or risky data. After all, we don't want anyone to be guilty of email abuse; it damages reputation and deliverability. That's ...
    • Creating and deleting contact data fields

      As well as the personal details stored against your contacts, you can create new custom data fields to capture additional information. The more useful data you can collect on your contacts, the more you can usefully segment, target and personalize ...
    • Export contacts

      Before you start Things you need to know: Regulation compliance When a contact asks you for the information you hold on them, it's called a Subject Access Request (SAR). This export action enables you to more fully comply with this request. In order ...
    • Model Contract Clauses

      European Union (EU) data protection law regulates the transfer of personal data from EU customers to countries outside the EU. OpenMoves has in place EU Standard Contractual Clauses that provide specific guarantees around transfers of personal data ...