ianj
Member of DD Central
Posts: 654
Likes: 519
|
Post by ianj on May 18, 2018 9:33:48 GMT
Surely Sharpspring fall foul of GDPR themselves, unless there is an opt out from them sharing my (all our) data, but as I'm not separately signed up with them I'm not sure how to opt out? The source of the link www.moneything.com/unsubscribe.html is headed "SharpSpring Form for Unsubscribe page", so perhaps we would indeed be opting-in to them sharing our data!
|
|
|
Post by SophieThing on May 18, 2018 11:36:48 GMT
Hi Everyone,
Just to clarify, I think it’s fairly common for businesses to use specialist email providers to help them to send out emails. We use SharpSpring to send out emails to our customers. They are a marketing automation platform, like Mailchimp, whom you may have heard of. They help us to manage our communications, make sure our emails are not accidentally classed as spam and also they make sure their systems comply with all of the regulations around the sending of emails.
We take our obligations to lenders seriously and would not pass on any lender information to any third party without taking the proper steps.
We have a service agreement in place with SharpSpring, as we do with all our third party providers. They are classed as a ‘data processor’ and not a ‘data controller’ and so any information we put on their platform does not belong to them and they can’t use it for any other purpose. We also have a GDPR addendum to the agreement (as we do with all data processors) to make sure that everything we do and they do is compliant with the new data protection laws. Their GDPR addendum is available on their website.
In summary, SharpSpring have no rights to your data and can’t use it. They won’t pass on your data and they won’t send you any emails. They don’t have any rights to do this. If you give us your data, we will treat it in accordance with our privacy policy. As an aside, clause 8.2.b provides for us using third party companies to help us to provide services to lenders.
As for not being able to send emails to a disposable email address, we’ve asked why not and we’re waiting for a response.
As for security over entering your email address on the unsubscribe page: this page is hosted on our website and the data is going to us and SharpSpring only. If someone else entered your email address on this page, then the consequence is that they could sign you in/out of receiving marketing emails from us. They would need to know your email address, and have the link we sent you. I’m not sure what someone could gain from doing this. They certainly can’t access your MoneyThing account or do any other functions on your account.
As for being able to change your email settings from our admin area- yes agreed this would be nice. We’ve had this on the development list for a while and still intend to do this.
Anyone that does not want us to send them emails using SharpSpring can unsubscribe. You can either do that by clicking unsubscribe on the bottom of the emails or by emailing us. We use SharpSpring for both service notifications and for marketing emails, and so you will need to be unsubscribed from both lists and get our updates from the platform instead. You will still get deposit and withdrawal notifications as these are generated directly from our platform.
Kind regards,
Sophie
|
|
|
Post by Duane Dibley on May 23, 2018 16:18:56 GMT
Have I got this right?
MoneyThing are sending emails to customers asking whether they want to receive emails.
Why?
You don't need to be Socrates (or even Rivelino) to deduce a slight discord in the logic of their position.
So why are they doing it, it's a complete misinterpretation of the GDPR, and simply pees off existing customers?
And if they're misinterpreting the GDPR in this way, what other requirements regarding data or more importantly client funds are they either accidentally or deliberately 'misinterpreting'?
|
|
ilmoro
Member of DD Central
'Wondering which of the bu***rs to blame, and watching for pigs on the wing.' - Pink Floyd
Posts: 10,906
Likes: 11,127
|
Post by ilmoro on May 23, 2018 16:36:45 GMT
The response to GPDR seems to take one of two strands ... notification of an updated privacy policy & the right to amend/withdraw from comms or notification of a requirement to positively opt in going forward. So if MT are misinterpreting it they are not alone. Either seems perfectly valid. The latter of course cleans up the mailing list but also has the risk of cutting of Comms with the unresponsive in the short term.
Edit I've just had two opt in incl one from a FTSE coy
|
|