This blog post explains in practical terms how to get GDPR compliant with Listagram in a few simple steps.
24 May, 2018
Practical guide to GDPR compliance with Listagram
1) Sign the Data Processing Agreement
Click here to sign the agreement, it should not take more than a few minutes. You will receive a signed PDF copy by email shortly after signing it.
2) Make sure you get consent from your visitors
A critical part about GDPR is getting consent from your visitors to contact them. If you intend to email your users after they have played with your Listagram wheel, you need to be explicit about them joining a newsletter and that they will receive promotional information. This was already possible and recommended by Listagram, as well as implemented by most of our larger customers. We recommended that you in the “Rules” section of your wheel clearly state that they are joining a newsletter.
Checkbox to give consent
It is our lawyers understanding of GDPR that it is not strictly required to have a checkbox for your users to tick that they are joining your newsletter. We have however decided to implement this as a feature in order to satisfy the customers that want this in their fortune wheels. You can enable this under your wheels “Settings” page under the section “EU GDPR Settings”.
3) Use our GDPR search tool when receiving information and deletion requests
With GDPR your users must be able to request what information you have saved on them, as well as request to have it deleted. To meet this requirement we have created a GDPR Search Tool which lets you look up an email address to see what information is saved on them. This tool also lets you delete all the information on a single click. Since you can have multiple wheels and the user might have left their email address on more than one wheel, the tool will show signups across all wheels in your account.
We (Listagram) can also accept information and deletion requests. We will email you if one of your subscribers contact us in order to see what is saved on them, or have it deleted.
4) Update your cookie policy
I am sure you have already been working on this but you need to explain the different cookies you use on your website. Listagram use some cookies that is set on your domain in order to know whether the user has already played the wheel, clicked “No thanks” so he won’t see it again and so on.
The exact cookies are as follows:
- LISTAGRAM-COUPON: Contains the value of the coupon (if any) they won after spinning the wheel
- LISTAGRAM-FOOTER: Contains information used in the footer reminder after spinning the wheel (only used if this feature is used by the wheel)
- listagram-wheel-XXX: Contains information on whether wheel with id XXX has been played or closed (“No thanks”) by the customer
- listagram-temporary-wheel-XXX: Contains information on whether wheel with id XXX has been seen but not interacted with
In the two last cookies you need to replace the XXX part with your wheel ID, or keep them general in your cookie policy.
5) Make sure your account profile is up to date
It is important that your account profile information is updated and contains your correct company details. Please visit it and make sure everything is up to date. This will also be reflected on your invoices from us.
6) Enjoy GDPR compliance!
That was it, you are now ready for May 25th and GDPR compliance together with Listagram! Thanks for playing.