The GDPR is a comprehensive privacy law in Europe which goes into effect on May 25th, 2018.

The law establishes requirements on the handling of personal information, especially when data crosses borders. It requires explicit opt-in before marketing to a European, legitimate business reasons for storing and processing personal information, and enshrines several new rights. The new rights include “the right to be forgotten”, portability of personal information, and to be notified promptly in the case of a data breach.

Yes! Any business that interacts with a person inside the European Economic Area (EEA) is affected, even if it was an unsolicited contact form lead or questionnaire response. By receiving their personal information, you are required to conduct yourself according to the GDPR. Failure to respect the GDPR may result in massive fines.

Táve is now fully compliant with the GDPR, we're even Privacy Shield Certified. 

However, for a business using Táve to handle personal information of people in the EEA in a compliant manner, they’ll need to sign a Táve Data Processing Addendum (DPA) that supplements our Terms of Service. 

In order to be fully compliant, you as a business using Táve needs to execute a DPA. To do so, download the pre-signed PDF, then complete and sign the document. Be sure to complete every section that requires your information and signature, which are highlighted with a blue margin. 

Email the final copy to privacy@tave.com. Once we acknowledge receipt of a completed addendum, the agreement is considered fully executed. 

Complying with the GDPR isn't easy, but we're here to help! Click below to learn about the tools and information you'll need to be compliant while using Táve.

This discussion of the GDPR is not legal advice. Please consult a lawyer if you have questions about the GDPR and your business.