How does Zymplify comply with GDPR?

As the only end to end Marketing Automation platform on the market that supplies B2B Prospecting Data to it's clients Zymplify are acutely aware of our responsibilities around Data Compliance and compliance with GDPR. 

Our team has spent a considerable amount of time and effort working on our product and data solutions to ensure that both Zymplify and it's clients can be 100% satisfied that they are operating in compliance with GDPR. 

This blog will set out, in simple and understandable language, how Zymplify's software, and in particular our data products, are completely compliant with GDPR. 

Legal Basis – how Legitimate Interests enables Zymplify to provide B2B Prospecting Data at scale

Under GDPR, companies must demonstrate that they have a lawful basis for processing data which falls under the remit of GDPR. That is any data which can be used to identify a living individual within the EU. There are 6 legal basis for processing data,however, when it comes to B2B Marketing the most relevant and useful basis is Legitimate Interests. 

What is Legitimate Interests?

Legitimate Interests is the most flexible legal basis for processing data. There are 3 elements to the legitimate interests basis:

1. Identifying a legitimate Interest –  the legitimate interest can be your own interests or the interests of third parties and can include commercial interests. 

2. Show that the processing is necessary to achieve this interest – e.g if the legitimate interest is that a prospect may be interested in your products or services and your commercial interest is to sell to that prospect then the processing necessary may be holding their data for marketing purposes. 

3. Balance the interest against the rights and freedoms of the individual – e.g where a prospect objects to receiving your marketing communications you should ensure that their data is no longer processed and give them an easy method of opting out. Zymplify helps clients achieve this with our embedded unsubscribe links. 

In addition, you must include details of your legitimate interests within your privacy policy. 

More information in relation to legitimate interests as a legal basis can be found on the ICO Website.

Not only is Legitimate Interests a perfectly legal and responsible tool to be used in planning your marketing strategy but it also provides Zymplify with a legal basis for operating our business and providing prospecting data to our customers. 

Zymplify's data offerings include intent-based data such as data in respect of individuals who are visiting your site, leaving intent to buy signals online or data on companies who are actively researching your market on G2. These intent signals strengthen the legitimate interests argument and assist with clearly identifying a legitimate interest exists (per 1. above). 

Which Data is cover under GDPR and what other data does Zymplify provide?

Zymplify provides a range of data as part of our software product, from Business Data ( to which GDPR does not apply) to Personal Data (to which GDPR is applicable). When we identify a company visiting your site, engaging with your competitors or researching similar products or services the data that we process in respect of those companies e.g. company name, IP address, industry, telephone number, website etc are not governed by GDPR.

The business email addresses and prospects names that we supply in respect of individuals (not generic emails) are covered under GDPR and this is where we rely on legitimate interests as our legal basis for supplying and processing this data. 

Where does Zymplify acquire data and is it compliant?

Yes, Zymplify sources data from a range of reputable data partners with whom we have strong commercial agreements that are underpinned by requirements to adhere to compliance with GDPR. 

All of our data is checked for accuracy at the point of delivery which means we carry out automated verifications on the deliverability of the email data. 

We also have policies in place to deal with the deletion of data, for example where an individual objects to the processing of their data our clients can advise us and we will remove and block that persons data from being processed in the future. 

Summary

In conclusion, we take our compliance obligations extremely seriously here at Zymplify and it is within our interests and the interests of all our clients to ensure that the data we supply as part of our software remains both compliant and accurate. We can assure our clients that our data is 100% compliant with GDPR and we continually monitor our processes to keep up to date with changes in legislation across various jurisdiction. 

Should you have any queries in relation to our data please do not hesitate to contact us. 

DISCLAIMER: Zymplify have conducted extensive research into the GDPR and have an active working knowledge intended to help our clients remain compliant.  Zymplify however does not provide legal advice on the GDPR and cannot be held responsible for the GDPR compliance of any organisation other than our own, it is the responsibility of each business to ensure their own compliance with the GDPR.  If you require legal advice please contact your solicitor or visit the ICO website for further information https://www.ico.org.uk