VIP Customer Service
888-GO-JANGO

DMA Privacy Shield Program

JangoMail uses the DMA for dispute resolution for matters pertaining to the EU General Data Protection Regulation (“GDPR”).

The framework items/areas include the following:

Data Analysis:
Analyze data intake flows, data uses, and transfers to third parties.

Notice to Customers:
a. Determine to whom, and when, notices must be given;
b. Assure notices are drafted accurately and are given at all appropriate times and places; and
c. Determine manner in which notice is made publicly available.

Opt-out/Opt-in:
Provide consumers with the opportunity to opt-out or opt-in depending on the nature of the data. Set-up appropriate procedures to respect consumers’ opt-out/opt-in requests particularly with respect to consumers’ requests to not be approached for direct marketing (i.e., in-house suppression system.)

Onward Transfer:
Determine the need for contracts with respect to the transfer of information to third parties. The onward transfer of personal information must be documented by contracts containing appropriate safeguards. Note: JangoMail does not use onward transfer, except for when legally required to do so (i.e., a court order). JangoMail does share your data with any third party otherwise.

Access:
Set-up procedures to allow customers the ability to access their personal information and the ability to correct, amend or delete it where it is inaccurate or is being processed in a manner that does not comply with the privacy principles in the Privacy Shield.

Security:
Set-up procedures to ensure that the customer’s personal information is protected and secure.

Data Integrity and Purpose Limitation:
Set-up procedures to ensure that the customer’s personal information is reliable, accurate, complete, current and processed in accordance with stated purposes.

Enforcement:
a. Refer consumers to your customer service department or other in-house dispute handling program to address their data privacy complaints; and
b. Utilize the DMA Privacy Shield Program as the required independent third-party dispute resolution mechanism to address any unresolved in-house consumer data privacy complaints.
c. Disclose to consumers their ability to seek binding arbitration if steps– a and b listed above do not resolve complaint to the consumer’s satisfaction.
d. If consumer has a national security concern – s/he can be referred to the new Ombudsperson at the Department of State.

Assessment:
Establish an annual compliance review process by adhering to either:
a. An internal self-assessment compliance review – you need to develop procedures for periodic objective reviews of compliance with your privacy policy and complaint handling; or
b. An outside third-party assessment review/audit.

Training:
a. Assure all personnel receive general training in your Shield privacy policy. More extensive training should be provided to personnel who have access to or deal with the data; and
b. Modify employee/personnel policies to provide for training and discipline for failure to follow your policy.