General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR)


To safeguard the confidentiality, integrity and availability of data, the OpenMoves platform is hosted on Microsoft Azure. In the US we utilize the East US 2 region, with data backed up to the Central US region. European data is held in the West Europe region, with data being backed up to the North Europe region. All Azure facilities meet a broad set of compliance standards, details of which can be found here. A map showing the Azure data center locations can be found here.

In May 2018, a European privacy law, the General Data Protection Regulation (GDPR), is due to take effect. The GDPR imposes new rules on companies, government agencies, non-profits, and other organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents. The GDPR applies no matter where you are located.

OpenMoves has extensive expertise in protecting data, championing privacy, and complying with complex regulations. We believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights. We want to help you focus on your core business while efficiently preparing for the GDPR.

We are committed to our principles of cloud trust, data protection, and data security. We intend to provide platform functionality to address the privacy demands of our customers. As the GDPR enforcement begins, here is what else you can expect from us:

  • Technology that meets your needs – You can leverage our specific platform functionality to meet your GDPR obligations for areas including deletion, rectification, transfer of, access to and objection to the processing of personal data.
  • Contractual commitments – Relationships with OpenMoves are supported by contractual commitments for our services, including security standards, support and timely notifications in accordance with the new GDPR requirements.
  • Sharing our experience – We will share the information that we gather through various Data Protection Authorities and other reputable organizations so you can adapt what we have learned to help you craft the best path forward for your organization.

While OpenMoves is fully committed to helping you successfully comply with the GDPR, it is important to recognize that compliance is a shared responsibility. New requirements – like greater data access and deletion rules, risk assessment procedures, a Data Protection Officer role for many organizations and data breach notification processes – will mean changes for your organization. When it comes to GDPR compliance, it’s not just European organizations that are affected, but also those outside of the EU who process data in connection with the offering of goods and services to, or monitoring the behaviour of, EU residents. As such, it is important to understand your obligations related to GDPR regardless of where your organization resides.

It will take time, tools, processes and expertise for you to comply with the GDPR. To do this, you need to make changes to your privacy and data management practices.

We want to make it really easy customers to comply with GDPR regulations. You'll start seeing changes soon.

We understand that you must be able to entrust your chosen email and automation provider with one of your most valuable assets - your data. To gain that trust we continue to invest in technology and resources to build security and privacy into our platform. We operate a policy of transparency and aim to provide you with the information you need to feel confident in using us.


    • Related Articles


      FAQs about what OpenMoves is doing as data processor to help our customers comply with GDPR This document is downloadable as a PDF here. General  Is OpenMoves GDPR compliant? Like you and many other businesses, we have an ongoing GDPR program and we ...
    • Creating and deleting contact data fields

      Summary As well as the default contact data fields already in place in your address books (such as FIRSTNAME, FULLNAME, LASTNAME, etc.), you can create new contact data fields to capture and/or contain additional information about your contacts. The ...
    • Model Contract Clauses

      European Union (EU) data protection law regulates the transfer of personal data from EU customers to countries outside the EU. OpenMoves has in place EU Standard Contractual Clauses that provide specific guarantees around transfers of personal data ...
    • Canadian Privacy Law

      Canadian privacy laws—such as the Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA) — aim to protect the privacy of individuals, and give them the right to access information gathered about them. The laws require ...
    • How do I create a sign-up form to go on my website so contacts can join my address books automatically?

      You can create advanced web signup and unsubscribe forms with just a few clicks of a mouse, generating HTML code that you can copy and add to a page of your website. This will enable new contacts to sign up, enter their data, opt into public ...