Never miss an episode!  Subscribe to the podcast on iTunes.


New Privacy Law Alert: GDPR + Unbounce (+ You)

On May 25, 2018, a new data privacy law called the General Data Protection Regulation (GDPR) will come into force, impacting how businesses collect and process data from individuals who live in the European Union (EU). It’s the most significant piece of data protection legislation to be introduced in the EU in 20 years, and will replace the 1995 Data Protection Directive.

Here’s what this means for you.

The GDPR Basics

What’s the gist of the GDPR?

It gives people who are based in the EU greater privacy rights—and means that there will be new rules to follow when it comes to collecting, tracking, or handling EU-based prospects’ and customers’ personal data.

Does the GDPR affect me?

If you have customers in the EU, plan to have customers in the EU, or process any form of EU data, this one’s for you.

So… what will the GDPR change for data security?

Quite a few things, from higher standards for protecting sensitive data, to harsher penalties for breaking the rules. For more, check out the details below!


This page isn’t the be-all-and-end-all on EU data privacy, nor should you consider it legal advice. This is meant to provide background information and help you better understand Unbounce’s strategy to comply with the GDPR.

Unbounce is 100% committed to your data privacy.

Unbounce takes data privacy very seriously, and we view the GDPR as an opportunity to enhance our commitment to data protection for the benefit our customers.

We’re excited to welcome the GDPR, as we know it will help reinforce true permission-based marketing, streamlined data and building trust between marketers, prospects, and customers in the EU.

As a trusted partner, our top priority is ensuring that our customers have confidence in our platform, and that the data they collect with Unbounce is processed securely and in accordance with GDPR requirements.

What’s Unbounce doing now to meet the GDPR rules?

We understand that Unbounce will play an integral role in our customers’ GDPR compliance strategy, and we’re committed to complying with the GDPR by the date of enforcement: May 25, 2018.

As of right now, we’re completing a comprehensive audit of the GDPR’s requirements and identifying where we need to make modifications to our platform, contracts, and documentation.

What’s next?

We’ll be keeping you (our stakeholders, customers, and partners) updated as we take steps to become GDPR-compliant. You’ll be hearing more from us soon, so sit tight!

What will the GDPR change?

Harsher penalties

Organizations that violate the GDPR can be fined up to 4% of their annual global turnover or €20 million (whichever is greater).

Extended user consent

Consent must be given in an easily understandable way, and it must be as easy for people to withdraw consent as it is to give it.

Right to access

The right for people to seek confirmation as to whether or not their data is being processed, where, and for what purpose.

Data portability

The right for a person to transmit their data to another data controller (such as another business).

Breach notification

It will be mandatory to notify their national Data Protection Authorities of a breach wherever a data breach is likely to “result in a risk for the rights and freedoms of individuals,” and companies must do this within 72 hours of becoming aware of the breach.

Privacy by design

Businesses that handle EU data must only collect information from people when it’s absolutely necessary, must integrate technical safeguards, and must limit third parties’ access to personal data in their data processing.

Right to be forgotten

People are entitled to have their personal data erased if they withdraw consent, or if their data is no longer relevant to the original purposes for which it was collected.

Territorial scope

The GDPR applies to all companies that control and process EU data, regardless of their physical location.

More Resources

Official Publications Office of the European Union

Learn more  

Data Protection Reform infographic

Learn more  

An overview of the General Data Protection Regulation

Learn more  

Reform of EU data protection rules

Learn more  

Data transfers outside the EU

Learn more  

Check out our Security page

Learn more  

“More than 90% of Europeans say they want the same data protection rights across the EU – and regardless of where their data is processed.”

Here’s what our Chief Product Officer said:

Carter Gilchrist

Chief Product Officer at Unbounce

“Our goal at Unbounce is to deliver industry-leading conversion tools to professional marketers  in the European Union (EU), and marketers who conduct business with EU-based individuals, so that they can grow their companies as fast as possible—being compliant with the GDPR will be integral to how we support this goal and ensure our customers’ success.”

Never miss an episode!  Subscribe to the podcast on iTunes.