GDPR compliance

No matter what type of business you operate, if you handle the personal data of people in the E.U. area, you’ll need to ensure that your data collection and storage processes comply with the GDPR.

It’s been almost a year since the General Data Protection Regulation (GDPR) came into force, and although the dust has settled somewhat, the stringent rules of this E.U. legislation are ever present.

What data protection rules does the GDPR enforce?

You must have a GDPR-approved legal ground for collecting personal data in the first place. For marketing communications, this basis is usually “consent”.

In this case, you’ll need to capture data in such a way that allows you to gain explicit consent, for example, through an “opt-in” box. You should have verifiable proof of that consent, such as a timestamp which shows the subscriber’s location, and the date/time of when consent was given.

Once you’ve obtained legal consent, you must only use the data for the specific purpose you’ve identified. Should the subscriber ever want to see what data you’re holding about them or get themselves removed from your database, you’re obliged to meet these requirements.

Additionally, data storage systems should be robust and secure, especially when data is being transferred out of the E.U.

GDPR challenges

As an online store, you need to be able to contact your customers or prospects with promotional offers or other information that they might be interested in, to encourage future sales and business growth.

The strict GDPR rules puts the emphasis on you, as the data controller, to handle customer data transparently, and put the correct procedures in place to protect data.

That means making sure that any systems you use for capturing data or sending out communications are also GDPR compliant. Finding a data management system that works for your business, which is also cost-effective, can prove challenging.

How Tobi helps with GDPR compliance

Tobi is a powerful, fully-automated remarketing tool that allows you to send instant clickable messages to existing and potential customers through SMS messages.

Subscriber data removal

Tobi allows you to remove or “forget” individual subscribers as and when needed, the latter function complying with the subscriber’s right to be forgotten. A bulk delete option is also available too.

No data transfers outside the E.U.

All Tobi servers are based inside the E.U. and are GDPR compliant. Because we already adhere to higher standards of data protection, we’re not required to apply for Privacy Shield Certification.

A smart, cost-effective remarketing tool you can rely on

Tobi SMS notifications helps you to engage with your customers or prospects by sending timely marketing and customer service communications to attract them back to your online store.

Moreover, Tobi is a GDPR compliant system, that you as a data controller can use with confidence. Learn more about the benefits of Tobi, plus pricing options on Shopify.