top of page

General Data Protection Regulation (GDPR) Statement

Effective Date: 1 December, 2024

​

MailSPEC is committed to complying with the General Data Protection Regulation (GDPR) and protecting the personal data of our customers, clients, and users. GDPR is a comprehensive data protection law enacted by the European Union (EU) that sets out strict guidelines for how personal data is collected, processed, and stored. This statement outlines MailSPEC’s compliance with GDPR and our commitment to safeguarding your privacy.

 

Scope of GDPR

The GDPR applies to organizations that process the personal data of individuals residing in the European Union (EU), regardless of the organization’s location. It defines personal data as any information that can directly or indirectly identify an individual, including but not limited to:

  • Name

  • Email address

  • IP address

  • Location data

  • Financial details

  • Health information

 

MailSPEC’s Commitment to GDPR Compliance

 

1. Lawful Basis for Data Processing

MailSPEC processes personal data only when there is a lawful basis to do so. This includes:

  • Consent: When individuals provide clear and explicit consent for specific purposes.

  • Contractual Obligations: When data is necessary to fulfill a contract with the individual.

  • Legal Obligations: To comply with applicable laws and regulations.

  • Legitimate Interests: When processing is necessary for MailSPEC’s legitimate business interests, provided it does not override the individual’s rights and freedoms.

 

2. Transparency and Purpose Limitation

We are committed to transparency regarding how we collect, use, and store personal data. We process data only for specified, explicit, and legitimate purposes and will not use it in a way that is incompatible with these purposes.

 

3. Data Minimization

MailSPEC collects only the minimum amount of personal data necessary to fulfill the stated purposes. We ensure that data is relevant, limited, and proportionate to the intended use.

 

4. Data Accuracy

We take reasonable steps to ensure that personal data is accurate, complete, and up-to-date. Individuals have the right to request corrections to their data if inaccuracies are identified.

 

5. Data Retention

Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws and regulations. Once the retention period has expired, data is securely deleted or anonymized.

 

6. Data Security

MailSPEC implements appropriate technical and organizational measures to protect personal data from unauthorized access, alteration, disclosure, or destruction. These measures include encryption, secure access controls, and regular audits of our data protection practices.

 

Individual Rights Under GDPR

Under GDPR, individuals have specific rights regarding their personal data. MailSPEC is committed to respecting these rights and has established processes to address requests promptly and transparently.

  • Right to Access: Individuals can request access to their personal data and obtain information about how it is being processed.

  • Right to Rectification: Individuals can request corrections to inaccurate or incomplete personal data.

  • Right to Erasure (Right to Be Forgotten): In certain circumstances, individuals can request the deletion of their personal data.

  • Right to Restriction of Processing: Individuals can request a temporary halt to the processing of their data under specific conditions.

  • Right to Data Portability: Individuals can request their personal data in a portable format for use with another service provider.

  • Right to Object: Individuals can object to the processing of their data for direct marketing or other purposes based on legitimate interests.

  • Right to Withdraw Consent: Where processing is based on consent, individuals have the right to withdraw consent at any time.

To exercise these rights, individuals may contact us at [Insert Contact Email].

 

Data Breach Notification

MailSPEC has a comprehensive data breach response plan in place. In the event of a data breach involving personal data, we will notify the relevant supervisory authority within 72 hours, as required by GDPR. If the breach poses a high risk to individuals’ rights and freedoms, we will also inform the affected individuals promptly.

 

International Data Transfers

If MailSPEC transfers personal data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place to protect the data, such as standard contractual clauses (SCCs) or other mechanisms approved by the European Commission.

 

Third-Party Processors

MailSPEC works with trusted third-party processors to provide certain services. These processors are contractually obligated to comply with GDPR requirements, including data protection and security measures. We only share personal data with third parties when necessary and in compliance with applicable laws.

 

Contact Information

For questions about this GDPR Statement or to exercise your data protection rights, please contact:

MailSPEC Data Protection Officer
Email: privacy@mailspec.com
Phone: +1-415-569-2280
Address: 9107 West Russell Road, Suite 100 Las Vegas, NV 89148

​

Changes to This Statement

MailSPEC reserves the right to update this GDPR Statement as necessary to reflect changes in laws, regulations, or company practices. Updates will be posted on this page with a revised "Effective Date."

By using MailSPEC’s services, you acknowledge that you have read and understood this GDPR Statement and our commitment to protecting your personal data.

bottom of page