Shelbow is 100% GDPR Compliant

Shelbow follows the seven important principles of the GDPR, which regulates the protection of personal data in the EU. This significantly impacts our software.

personal-data-protection-gdpr-isometric-illustration_1284-57396.jpg

Lawful, fair and transparent.

All processing is carried out on a lawful basis. Data processing does not occur unexpectedly and the data subject will be informed about the processing.

Shelbow:

  • We ensure transparency in how we process data for email marketing and telemarketing campaigns.
  • We provide clear guidelines to help our clients inform their contacts about data usage.
  • We advise on compliance with data protection laws, ensuring ethical and legal outreach.
  • Our clients must choose a legal basis (consent or legitimate interests) – Shelbow supports with expert opinions and recommendations:
  • Secure data handling with storage solutions that comply with GDPR and other relevant regulations.
  • Direct integrations with trusted communication platforms to minimise data security risks.

Purpose limitation.

We define the purposes of data processing clearly and disclose them in our data protection notices to the individuals concerned. Data processing is strictly limited to these stated purposes.

Shelbow:

  • We only collect and process data necessary for email marketing and telemarketing campaigns, ensuring compliance with data protection regulations.
  • Our services are designed to use minimal data, focusing only on business-relevant contact information.
  • We operate as a purpose-driven marketing solution, preventing data from being used for unauthorised or opaque purposes.
  • Secure in-house integrations minimize risks associated with third-party intermediaries, ensuring data is handled responsibly.

Data minimisation.

Personal data must be relevant to the purpose for which it is processed, necessary for that purpose, and limited to only what is required.

Shelbow:

  • We collect only the essential data needed for effective email marketing and telemarketing campaigns, ensuring compliance with data protection laws.
  • Our processing is configured to handle only relevant business contact details, avoiding unnecessary data collection.
  • We do not process special categories of data (as defined in Art. 9 GDPR) or any other sensitive information.
  • Secure in-house integrations ensure that data is not shared with unnecessary third parties, minimising exposure and ensuring compliance.

Accuracy.

We ensure that the personal data we process is accurate, up-to-date, and relevant. Any inaccurate data is corrected or removed as quickly as possible.

Shelbow:

  • We maintain high data accuracy standards for email marketing and telemarketing campaigns, ensuring that outreach efforts target the right contacts.
  • Regular data validation processes help keep contact information current and relevant.
  • We source high-quality data from verified providers to minimise inaccuracies.
  • Secure data handling practices ensure integrity and confidentiality throughout our marketing processes.

Data storage.

We store personal data only for as long as necessary to fulfill the purposes for which it is processed, in compliance with Article 5(1)(e) GDPR.

Shelbow:

  • Upon request, clients can have contact data removed from our systems.
  • We process only essential business-related information, avoiding the storage of unnecessary personal data.
  • We do not store or process personally identifiable information (PII) beyond what is required for legitimate email marketing and telemarketing activities.
  • A structured data retention and deletion policy ensures timely removal of outdated or unnecessary data, maintaining compliance with privacy regulations.

Integrity and confidentiality.

We implement appropriate security measures to process personal data in a manner that ensures its protection against unauthorized access, unlawful processing, accidental loss, destruction, or damage, in compliance with Article 5(1)(f) GDPR.

Shelbow:

  • Strict identity and access management protocols to safeguard sensitive data.
  • Strong password policies to enhance security.
  • Two-factor authentication (2FA) for added protection against unauthorized access.
  • Continuous logging and monitoring to detect and prevent security threats.
  • Regular employee training to ensure awareness of best security practices.
  • Standardised backup procedures with regular restoration testing to ensure data recoverability.

Accountability.

We take full responsibility for ensuring compliance with all data protection principles and can provide evidence of our compliance, as required by Article 5(2) GDPR.

Shelbow:

  • Clearly defined internal responsibilities for data privacy and security.
  • A structured Data Privacy and Information Security Management System to ensure ongoing compliance.
  • Regular internal reviews and audits to assess and improve data protection practices.
close menu icon

Learn how we helped 100 top brands gain success.

Let's have a chat