The GDPR is ensuring privacy, and so are we
The General Data Protection Regulation is a landmark privacy set of rules in force in the European Union since 2018. We’re here to help you comply with the GDPR through our robust privacy and security failsafes.
Please note: this page explains the impact of GDPR on the use of Overloop only and isn’t applicable for any other aspects of your business. It should not be considered as legal advice.
You may have been caught in the buzz around GDPR compliance. If you’re asking yourself: “What does this mean?”, relax, you’re not alone. We know the topic can be confusing and we’re here to break down what GDPR is and how it will affect your business.
- What is the GDPR?
The General Data Protection Regulation (GDPR) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to improve data protection for all individuals within the European Union (EU).
The GDPR replaces the 1995 Data Protection Directive. It is the new Europe-wide set of rules governing the use and handling of individuals’ personal data. You can read the full regulation here.
It has 3 goals:
- Standardizing European data protection regulations;
- Giving citizens control over how their personal data is used;
- Making sure that companies are aware of their responsibilities regarding personal data.
Overloop is aware of GDPR requirements and restrictions, and is fully compliant with them.
- Does the GDPR apply to you?
If you collect or process the personal data of any European citizen, regardless of the country in which your company is based, the GDPR will affect your business.
The GDPR has also eliminated the distinctions between various types of businesses — including B2B, B2C, for-profit, and nonprofit — meaning the law applies equally to all organizations that process the personal data of European citizens.
- How does the GDPR affect privacy law?
One of the main goals of the GDPR is to extend the rights of European residents in regards to the handling of their personal data. This can be summarized as follows:
- More access and control over the storage and processing of personal data for consumers;
- A tighter definition of consent and personal data;
- More transparency regarding the use of their personal data once it has been collected.
The GDPR has also created new rights of access and data protection for “data subjects”:
- Right to rectification: The data subject may request that their personal data be updated or corrected;
- Right to be forgotten: The data subject may request that their personal data be permanently deleted;
- Right to portability: The data subject may request that their personal data be sent to another organization or competitor;
- Right to object: The data subject may object to specific types of processing or uses of their personal data;
- Right of access: The data subject has the right to be informed of any and all of their personal data that has been collected, as well as its intended use.
- Where can I learn more about the GDPR?
Everything you might want to know about GDPR is available on the EU GDPR Information Portal.
- How can I sign your DPA?
We have added a Data Processing Addendum (DPA) to our Terms of Service. Please mail us at to get a copy of our new DPA. Then, please review, countersign, and return it to us.
Does GDPR affect cold emailing?
The GDPR does not outlaw the use of cold emailing, as long as the emails you are sending are directed to people who will find their content useful. Some requirements also need to be fulfilled nonetheless.
Cold email requirements for GDPR
- The topic of the email must be clearly identified;
- There must be a clear way to opt-out from future emails;
- A genuine physical address must be included in the email;
- The sender must be clearly identified.
GDPR & Overloop
At Overloop, trust is our #1 value and nothing is more important than the success of our customers and the protection of their data.
As data controllers
We are data controllers when we process data we collect from our customers.
As data processors
We are data processors when we process data belonging to our customers.
How did we get ready for the GDPR?
- The whole team has attended a training session regarding GDPR.
- We have nominated our CEO: Rafael Figueroa.
- We have updated our terms and conditions in order to ensure GDPR compliance.
- We worked on Overloop to make it GDol-friendly (e.g. better export of data, exclusion lists with minimum amount of data, …)
- We contacted all our suppliers who process personal data on our behalf in order to ensure they are GDPR compliant.
How can you comply with the GDPR?
As an Overloop customer, there are a few things you should do to comply with the GDPR.