VIP Customer Service

DMA Privacy Shield Program

JangoMail uses the DMA for dispute resolution for matters pertaining to the EU General Data Protection Regulation (“GDPR”).

The framework items/areas include the following:

Data Analysis:
Analyze data intake flows, data uses, and transfers to third parties.

Notice to Customers:
a. Determine to whom, and when, notices must be given;
b. Assure notices are drafted accurately and are given at all appropriate times and places; and
c. Determine manner in which notice is made publicly available.

Provide consumers with the opportunity to opt-out or opt-in depending on the nature of the data. Set-up appropriate procedures to respect consumers’ opt-out/opt-in requests particularly with respect to consumers’ requests to not be approached for direct marketing (i.e., in-house suppression system.)

Onward Transfer:
Determine the need for contracts with respect to the transfer of information to third parties. The onward transfer of personal information must be documented by contracts containing appropriate safeguards. Note: JangoMail does not use onward transfer, except for when legally required to do so (i.e., a court order). JangoMail does share your data with any third party otherwise.

Set-up procedures to allow customers the ability to access their personal information and the ability to correct, amend or delete it where it is inaccurate or is being processed in a manner that does not comply with the privacy principles in the Privacy Shield.

Set-up procedures to ensure that the customer’s personal information is protected and secure.

Data Integrity and Purpose Limitation:
Set-up procedures to ensure that the customer’s personal information is reliable, accurate, complete, current and processed in accordance with stated purposes.

a. Refer consumers to your customer service department or other in-house dispute handling program to address their data privacy complaints; and
b. Utilize the DMA Privacy Shield Program as the required independent third-party dispute resolution mechanism to address any unresolved in-house consumer data privacy complaints.
c. Disclose to consumers their ability to seek binding arbitration if steps– a and b listed above do not resolve complaint to the consumer’s satisfaction.
d. If consumer has a national security concern – s/he can be referred to the new Ombudsperson at the Department of State.

Establish an annual compliance review process by adhering to either:
a. An internal self-assessment compliance review – you need to develop procedures for periodic objective reviews of compliance with your privacy policy and complaint handling; or
b. An outside third-party assessment review/audit.

a. Assure all personnel receive general training in your Shield privacy policy. More extensive training should be provided to personnel who have access to or deal with the data; and
b. Modify employee/personnel policies to provide for training and discipline for failure to follow your policy.