1. Voma Help Center
  2. Voma's Security & Privacy

How Voma complies with GDPR

A guide to our GDPR compliance.

At Voma, we work hard to comply with EU General Data Protection Regulation (GDPR), to ensure that we fulfill its obligations and maintain transparency about customer messaging and how we use data. 

Here is an overview of GDPR, and how we comply with it at Voma:

What is GDPR?

The GDPR is a comprehensive data protection law that came into effect on May 25, 2018. It replaced existing EU law to strengthen the protection of "personal data" and the rights of the individual. It's a single set of rules which governs the processing and monitoring of EU data.

Does it affect me?

Yes, most likely. If you hold or process the data of an any person in the EU, the GDPR will probably apply to you, whether you’re based in the EU or not.

How did Voma prepare for GDPR?

Our teams worked hard to ensure we complied with GDPR. This is an ongoing effort to make sure we’re meeting our legal obligations, and doing the best thing for our customers while still letting us deliver great products.

Data Portability

Voma can help you meet your data portability requirements for GDPR, you can request an export of all of your data or granular subsets linked to an individual, and permanently delete all data linked to an individual user or request all data be deleted for your account.

Data Processing Addendum

Strong data protection commitments are a key part of GDPR’s requirements. Our updated data processing addendum shares our privacy commitments and sets out the terms for Voma and our customers to meet GDPR requirements.

International Data Transfers

To comply with EU data protection laws around international data transfer, we have included Standard Contractual Clauses (SCC) in our data processing addendum.

Vendors

We regularly review our vendors to ensure that they are GDPR-compliant.

Customers

Voma also includes a GDPR checkbox in your payment page settings that can be enabled for EU visitors or all visitors:



The text of this field is customizable and can also include a link to an external page. When this field is enabled on your payment page(s), it is an optional field.

Voma makes the consent and location (whether the visitor is in the EU or not) data available through:

  • Order details pages in your Voma account
  • CSV export of orders in your Voma account
  • Zapier

Additionally, if you have integrated Voma with one of our direct email integrations, Voma will automatically apply tags to subscribers in your email platform in some cases:

  • If someone checks GDPR checkbox when submitting the payment page, add "Voma - GDPR consent" tag to your email platform
  • If someone is in EU when submitting the payment page, add "Voma - Customer in EU" tag to your email platform

Some additional steps you can take are:

  • Get familiar with the GDPR requirements and how they affect your company.
  • Map out everywhere you process data and carry out a gap analysis.
  • Consider how you can leverage Voma to help with your GDPR compliance.
  • Look at your product roadmap, think about privacy when you’re planning.
  • Chat to your lawyer about what your company needs to do to.
  • Keep an eye on the developing guidelines from the European Data Protection Board.

 

If you have any questions, please let us know at help@voma.ai or in our live chat at the bottom right of your screen