The GDPR is ensuring privacy, and so are we

The General Data Protection Regulation is a landmark privacy set of rules in force in the European Union since 2018. We’re here to help you comply with the GDPR through our robust privacy and security failsafes.

Please note: this page explains the impact of GDPR on the use of Overloop only and isn’t applicable for any other aspects of your business. It should not be considered as legal advice.

Sales engagement & cold emailing made for small and medium businesses. Send personalized cold emails campaigns, automatically outrech prospects on LinkedIn, handle your entire sales pipeline and track sales performances to close more deals.

GDPR 101

You may have been caught in the buzz around GDPR compliance. If you’re asking yourself: “What does this mean?”, relax, you’re not alone. We know the topic can be confusing and we’re here to break down what GDPR is and how it will affect your business.

What is the GDPR?

The General Data Protection Regulation (GDPR) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to improve data protection for all individuals within the European Union (EU).

The GDPR replaces the 1995 Data Protection Directive. It is the new Europe-wide set of rules governing the use and handling of individuals’ personal data. You can read the full regulation here.

It has 3 goals:

  • Standardizing European data protection regulations;
  • Giving citizens control over how their personal data is used;
  • Making sure that companies are aware of their responsibilities regarding personal data.

Overloop is aware of GDPR requirements and restrictions, and is fully compliant with them.

Does the GDPR apply to you?

If you collect or process the personal data of any European citizen, regardless of the country in which your company is based, the GDPR will affect your business.

The GDPR has also eliminated the distinctions between various types of businesses — including B2B, B2C, for-profit, and nonprofit — meaning the law applies equally to all organizations that process the personal data of European citizens.

How does the GDPR affect privacy law?

One of the main goals of the GDPR is to extend the rights of European residents in regards to the handling of their personal data. This can be summarized as follows:

  • More access and control over the storage and processing of personal data for consumers;
  • A tighter definition of consent and personal data;
  • More transparency regarding the use of their personal data once it has been collected.

The GDPR has also created new rights of access and data protection for “data subjects”:

  • Right to rectification: The data subject may request that their personal data be updated or corrected;
  • Right to be forgotten: The data subject may request that their personal data be permanently deleted;
  • Right to portability: The data subject may request that their personal data be sent to another organization or competitor;
  • Right to object: The data subject may object to specific types of processing or uses of their personal data;
  • Right of access: The data subject has the right to be informed of any and all of their personal data that has been collected, as well as its intended use.
Where can I learn more about the GDPR?

Everything you might want to know about GDPR is available on the EU GDPR Information Portal.

How can I sign your DPA?

We have added a Data Processing Addendum (DPA) to our Terms of Service. Please mail us at to get a copy of our new DPA. Then, please review, countersign, and return it to us.

Does GDPR affect cold emailing?

The GDPR does not outlaw the use of cold emailing, as long as the emails you are sending are directed to people who will find their content useful. Some requirements also need to be fulfilled nonetheless.

Cold email requirements for GDPR

  • The topic of the email must be clearly identified;
  • There must be a clear way to opt-out from future emails;
  • A genuine physical address must be included in the email;
  • The sender must be clearly identified.

GDPR & Overloop

At Overloop, trust is our #1 value and nothing is more important than the success of our customers and the protection of their data.

As data controllers

We are data controllers when we process data we collect from our customers.

As data processors

We are data processors when we process data belonging to our customers.

How did we get ready for the GDPR?

  • Familiarize ourselves with the regulation and attend legal training sessions

    The whole team has attended a training session regarding GDPR.
  • Nominate a Data Protection Officer

    We have nominated our CEO: Rafael Figueroa.
  • Adapt our Terms of Service and Privacy Policy

    We have updated our terms and conditions in order to ensure GDPR compliance.
  • Review our app and identify the functionalities that need to be included, adapted or removed

    We worked on Overloop to make it GDol-friendly (e.g. better export of data, exclusion lists with minimum amount of data, …)
  • Review all suppliers and ensure their compliance with GDPR

    We contacted all our suppliers who process personal data on our behalf in order to ensure they are GDPR compliant.

How can you comply with the GDPR?

As an Overloop customer, there are a few things you should do to comply with the GDPR.

GDPR Compliance checklist

  • Learn how to rectify and delete your leads’ information

    The right to access, modify and delete data is one of the key points of the GDPR. Find out how to delete leads or modify their information.

  • Delete the leads and lists you no longer need

    Another main objective of the GDPR is to minimize the risks of data breaches or leaks and prevent the misuse of European residents’ personal data.

    This is why it is better to delete all of your leads who are inactive or those who have unsubscribed from your communications already. If you are not using this information, then it is more advisable to discard it altogether.

  • Consult with your legal counsel

    The information on this page is designed to help you prepare for the GDPR in the context of our services and should not be taken as legal advice. Additionally, there may be parts of the legislation that affect other aspects of your business as well.

    We recommend you seek qualified legal counsel to determine what compliance measures you need to carry out to be fully compliant with the GDPR.