General Data Protection Regulation

also know as GDPR

Stop Junk Mail is committed to high standards of information security, privacy and transparency and will comply with the General Data Protection Regulation (GDPR). Stop Junk Mail’s overall approach to data protection We have numerous data policies, procedures and processes in place to manage compliance with data protection law. Internal policies are managed by the Company Secretary and signed off by senior executives as part of Stop Junk Mail’s standard governance process. These internal policies relate to information security and data protection, all of which have been reviewed and updated in-line with GDPR. You can view our privacy notice on our website, which you can find here: Stop Junk Mail is advised by experienced lawyers and regulatory experts and has developed appropriate procedures and processes for each service. Stop Junk Mail has a dedicated Information Security team and an Information Rights and Governance team which are responsible for providing support to the business in relation to privacy, data protection compliance, information governance and record management. Stop Junk Mail also has its own Data Protection Officer. We strive to ensure the protection of all the personal data on our customers, as well as all other information we hold so that we have the trust of our customers and regulators when we innovate and use the information we hold in new ways. Stop Junk Mail’s role as a data controller Where Stop Junk Mail is requested to deliver mail or parcels (including where an organisation provides personal data as ‘pre-advice’ for delivery purposes) we take the view that we are acting as the data controller for these services. This is backed by the ICO’s guidance here Opens in new window . Paragraph 39 states: ‘…the delivery service will be a data controller in its own right in respect of any data it holds to arrange delivery or tracking for example, such as individual senders’ and recipients’ names and addresses and in respect of its own staff records and so forth.’ We sometimes receive GDPR questionnaires from organisations which have assumed that we are acting as their data processor when delivering mail, which in the majority of cases is incorrect. Where we act as a controller we take on controller responsibilities and therefore do not intend to provide detailed responses to those questionnaires. Stop Junk Mail integrity Stop Junk Mail takes the security of our customers’ mail very seriously. We have robust approaches to security of mail and are committed to maintaining our high standards in meeting and exceeding the expectations of our customers. Data retention Stop Junk Mail has internal data retention policies which cover the requirements for data retention and secure disposal/destruction of information waste in compliance with the Group’s legal and regulatory obligations. Sub-contractors The Group sub-contracts some of its personal data processing to external data processors. Prior to appointment, our sub-contractors go through a detailed security audit and must adhere to the Stop Junk Mail information security policies. Any compliance issues are reported through the relevant supplier manager to Group Compliance for advice and then escalated appropriately. Processing outside of the EEA Stop Junk Mail will not need to transfer personal data about customers to third parties located outside the UK. We are committed to being recognised as the best anti junk mail service in the UK and across Europe.

Need help? Contact our support team

© 2019 Stop Junk Mail. All rights reserved