Logotipo Help Portal
  • Primeros Pasos

    Introduction

    • Onboarding overview
    • Project Initiation
    • Email compliance
    • Gestión de Cuentas

    Datos

    • Intercambio de datos
    • Embarque de datos
    • Web data collection
    • Integraciones

    Channels

    • Email onboarding
    • Smart Insight
    • Predict
  • Vídeos formativos

    Resources

    • Introduction
    • Online Self-learning
    • Vídeos de embarque

    Events

    • Instructor-led Training
    • Webinars
    • Seminars
    • Training Calendar
  • Guías de usuario

    Estrategia

    • Personalización
    • Automatización
    • Data Monitoring

    Channels

    • Email
    • Apps para móviles
    • Web
    • Ads
    • SMS

    Add-ons

    • Smart Insight
    • Predict
    • Recomendación de Incentivos
    • AIM
    • Relational Data
  • Artículos de apoyo
    Forrester Wave CCCM (Independent Platforms) Report Q4 2019

    Novedades

    • ¿Qué hay de nuevo en la Plataforma de Emarsys?
    • Updates from the CSA
    • Funciones Piloto
    • Artículos sobre Protección de Datos y GDPR

    Support

    • ¿Cómo puedo obtener ayuda?
    • Edita un Perfil de Usuario
    • Preparing for Black Friday 2019
    • Black Friday 2019 - Best practices
  • |
  • Partners

    Enhance Partners

    • Getting Started as an Emarsys Partner
    • The Emarsys Integration Platform
    • Automation Center Integrations
  • Desarrolladores
  • Estado del sistema
Necesita ayuda?
Español Deutsch English Français Русский Türkçe 简体中文 Test New Chat
Iniciar sesión
  • Centro de Asistencia Técnica de Emarsys
  • Todos sobre la protección de datos
  • 0 Centro de Asistencia Técnica de Emarsys Todos sobre la protección de datos

En esta sección

  • GDPR and Data Protection - Overview
  • What GDPR means to you as an Emarsys customer
  • Preguntas más frecuentes sobre el GDPR para clientes de Emarsys
  • GDPR and the Emarsys Platform
  • GDPR and Web Extend - all you need to know
  • Best practices for opt-in
  • Best practices for your Privacy Policy
  • Updates from the CSA: Email footers and data retention
  • Emarsys Data Processing Agreement
  • Artículos sobre Protección de Datos y GDPR
EDIT
Expand all

Updates from the CSA: Email footers and data retention

Updated: 21 de mayo de 2019 00:00

Data protection and transparency have always been core tenets of Emarsys – even before GDPR came into force on 25th May, 2018. These high standards are the basis of our certification with the Certified Senders Alliance (CSA), which manages a whitelist to ensure safe delivery of emails in several ISPs and mail providers. Its quality standards cover legal and technical admission criteria. 

We would like to inform you of two recent changes to these standards.

  • Email footer requirements
  • Data to retain following a GDPR data deletion request

Email footer requirements

As of 25 May 2019, in every email you send an easily recognizable legal notice must be contained as full text.

This means it will not be enough to just link to that information on a web page.

The legal notice must contain the following details:

  • Name of supplier, and in the case of companies, corporate name and legal form.
  • Authorized representatives (in the case of legal entities).
  • Postal address at which the sender can be summoned (i.e. not a P.O. box).
  • Email address.
  • Telephone and fax number, if applicable.
  • If available, commercial, cooperative, association, or partnership register number.
  • If available, VAT identification number and/or business identification number.
  • In the case of journalistic and editorial content, the name of the publisher.

Further obligations to provide information in accordance with national laws are not affected.

You can find an example of a compliant legal notice for a limited liability company as well as additional background information here:

  •  “eco Directive for Permissiblee-Mail Marketing” on pages 29 et sqq.
  • “CSA Admission Criteria” under number 2.4

It is most likely you are not affected by this change, as your templates should meet these requirements already because they have long been best practice policy. 

However, if you notice otherwise or have questions relating to this, please don’t hesitate to get in touch with your Success Manager.

Data to retain following a GDPR data deletion request

Even following a data deletion request, proof of double-opt-in should be kept for 3 years.

Since GDPR introduced the 'right to be forgotten', customers can contact you and request that all the data you hold on them be deleted.

However, Art. 17 para. 3 e does explicitly allow for some data to be retained, for example in order to protect you from litigation. The CSA, for example, expects businesses to keep at least the following data for the duration of the statute of limitations (e.g. in Germany 3 years after the latest sending):

  • The declaration of consent.
  • The contact email address.
  • The “place” (e.g. registration form) and time of the data collection and the DOI.

You can read the CSA's own advice here:

  • Obligation to Delete vs. Burden of Proof 
¿Fue útil este artículo?

¿Tiene más preguntas? Enviar una solicitud
Regresar al inicio

Emarsys es líder

You may also be interested in:

Artículos relacionados

  • Email compliance self-assessment
  • What GDPR means to you as an Emarsys customer
  • Pilot features and products
  • Overview:: Predict FAQ
  • Black Friday 2019 - We are ready!
Copyright © 2019 Emarsys eMarketing Systems. All rights reserved
Legal Notice Privacy Policy Master Services Agreement Anti-spam Policy