The European Union General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). This article describes Drag’s GDPR compliance status.
If your company needs to ensure it is GDPR-compliant, it also needs to ensure its providers (e.g. Up) are also GDPR compliant. Up is GDPR-ready, and strictly enforces the regulation to protect users’ data we handle. The list of the users’ information we collect, as well as how we use, protect and share them is disclosed in our privacy policy, which can be accessed here.
Up is fully compliant with the regulation. Individuals in the EU have certain rights under the GDPR. Our audience management tools allow you to easily respond to data requests from your contacts—without a cumbersome process or waiting for someone to handle the request for you.
Here are some common questions and answers related to regulation and data protection.
Right of access
You can export data about individual contacts from your Up account, which can help you fulfill access requests
Right to be forgotten
You can delete contacts from your Up account at any time. And when someone is removed from your contacts, we anonymize their data in your reports so you stay compliant without losing any audience insights.
Right to object
If a contact objects to you processing their personal data you can remove them from your Up account at any time.
Right to rectification
You can access and update your contact lists to correct or complete contact information at any time. You can also create a preferences center where your Contacts can update their information and preferences on their own.
Right to portability
You can export any of your audiences, or selected information within any audience, at any time in your Up account.
