GDPR Compliance Information for DPD

  • Jason@DPD
  • May 1, 2018

The European Union’s General Data Protection Regulation (GDPR) will come into effect on May 25, 2018. This regulation changes how companies use and process the personal data of European users, including vendors outside of the EU that sell to EU buyers.

DPD is working toward being compliant with this new EU law and we will be compliant by May 25, 2018.

What has DPD already done to comply with the GDPR?

  1. Appointed a Data Protection Officer to oversee our data protection program.
  2. Added a Data Processing Addendum to our Terms and Conditions of Service, as required by Article 28 of the GDPR.
  3. Implemented a Data Protection Impact Assessment process, as required by Articles 35 and 91 of the GDPR.
  4. Reviewed our contractual arrangements with sub-processors to ensure that they are required to protect personal data.
  5. Conducted GDPR-focused training to key teams and personnel.
  6. We have updated our Privacy Policy and Acceptable Use Policy to be legally compliant and easier to understand.

What other changes will DPD implement to be compliant with the GDPR?

  1. Adding functionality to anonymize buyer information for past purchases if requested (“right to be forgotten” requirement)
  2. Adding functionality for vendors to explicitly ask for opt-in to marketing communications during checkout (“ask for consent” requirement)
  3. Expanding our existing data export options to include all buyer information if requested (“Provide portability of the data collected” requirement)

Privacy Shield Registration

Additionally, DPD has applied for Privacy Shield registration and self-certification with the US Department of Commerce to aid vendors in their compliance efforts. We will post an update when this process is complete.

We will be posting further updates as the new features are released.

Responses (2) / Trackbacks (0)

    by Michael Perce
    May 08th, 2018


    Will we have the option to disable sales to European Customers through DPD, if necessary? I have a few customers in Europe, but I can live without them if they are going to be a hassle.

    by Gerben
    May 25th, 2018


    Great service, guys. There is a backlash on the massive (mis)use of personal data, GDPR is probably only the start of that backlash, and it is great to (by using DPD) to be a company that protects the privacy of its customers and give them a bit of control.I like being able to tell people we take their privacy very seriously.

Leave a Response

This site uses Akismet to reduce spam. Learn how your comment data is processed.