Appenso

GDPR Compliance

Last Updated: [Insert Date]

1. Introduction to GDPR

The General Data Protection Regulation (GDPR) is a European Union (EU) regulation that mandates how organizations should handle personal data. Effective since May 25, 2018, GDPR gives EU citizens control over their personal data.

GDPR applies if you are an EU citizen or, as a business, if you handle personal data of EU citizens.

2. Our GDPR Compliance Framework

In our relationship with customers, you operate as the data controller while we serve as the data processor. You are responsible for ensuring lawful processing of personal data you collect, while we comply with GDPR requirements as processors.

3. Data Collection Compliance

To comply with GDPR for email communications:

  • You must obtain explicit consent from email subscribers
  • We recommend using double opt-in processes
  • For existing EU contacts, you may need to reconfirm consent
  • All marketing emails should include a visible unsubscribe link

4. Data Storage & Processing

Our approach to data storage ensures GDPR compliance:

  • Customer data remains in your Google account (Sheets, Docs, Gmail, Drive, Forms)
  • We do not store email messages or Google Drive file contents on our servers
  • Optional campaign tracking data (opens, clicks) is stored in our database for reporting
  • We use Google Cloud database (us-east) located in the United States

Technical Infrastructure

  • Error tracking via Google Stackdriver (no PII data included)
  • Payment processing through PayPal, Stripe, and Paddle (no access to banking/credit card details)

5. Data Portability

We facilitate your GDPR compliance regarding data portability:

  • We do not transfer, sell, or share your data with third parties
  • You can export all subscriber data to Google Sheets for easy migration
  • Our add-ons only store data essential for functionality

6. Right to Erasure

We support your "right to be forgotten" obligations:

  • All add-ons include a deactivate option to permanently delete user data
  • You can submit deletion requests which we will process in compliance with GDPR
  • Uninstalling an add-on or revoking access immediately stops data processing

7. Your Role in Compliance

While our tools facilitate GDPR compliance, your practices are crucial:

  • Our add-ons use your Gmail account to send emails
  • You control the data fed into our tools via Google Sheets and Forms
  • Your email sending practices ultimately determine GDPR compliance

8. Contact Information

For any GDPR-related inquiries, please contact:

Email: [email protected]

We will respond to all GDPR-related requests within the required timeframe.