GDPR

Everything you need to know about FunnelBud and GDPR

Disclaimer: This does not constitude legal advice, it is simply our own and our lawyers' intepretation of what GDPR means for FunnelBud clients.

Where can I see your DPA?

Online version, which is referred to from our license agreement with you: https://www.funnelbud.com/en/gdpr/.

If you want to sign a DPA with us, please download one of these, sign it, and send it to support@funnelbud.com:

What text should I place on my website to describe our GDPR and cookie policy?

You can use this text on your website.

(As an example, ours is here - note that you should customize so you have your own relevant version, we recommend the link above. Here's ours: https://www.funnelbud.com/en/gdpr/.)

What do I need to do with my forms?

According to our interpretation (see In what circumstances can we collect data for marketing purposes?), a simple form notice is enough to fulfill GDPR requirements.

Our understanding is that you don't need explicit opt-in tickboxes (see the reasoning in the above link). But you can if you want to (see next section for screenshots on that).

Below are example form notice texts you can put under each of your forms (ask FuB for help to do that).

LONG VERSION (English): “By clicking on the link you agree to receive emails from us with tips, advice, event invitations and promotions that can help you get more value from your [SOLUTION] solutions. You can withdraw your consent at any time by clicking the unsubscribe link at the bottom of every email. Read more about our GDPR policy here.”

LONG VERSION (Swedish): “Genom att klicka på länken samtycker du till att ta emot mailutskick från oss; med tips, råd, inbjudningar till evenemang och erbjudanden som kan hjälpa dig få mer värde från era lösningar. Du kan när som helst ta tillbaka ditt samtycke genom att klicka på den länk som finns i ditt mailutskick. Läs mer om vår GDPR-policy här.”

SHORT VERSION (English): “By filling out the form, I agree to receive emails with tips, invitations, and promotions that can help me get more value from my [SOLUTION] solutions. Read more about our GDPR policy here.”

SHORT VERSION (Swedish): “Ja, genom att fylla i formuläret samtycker jag till att ta emot mailutskick med tips, inbjudningar och erbjudanden som kan hjälpa mig att få mer värde ur era lösningar. Läs vår GDPR-policy här.”

How to add explicit opt-in tickboxes to your forms

As explained above, we don't think you need this from a legal standpoint, but you can. Here is an example and how it is built in FunnelBud:

Template screenshot: https://goo.gl/SYB9Aa

How it is built in FunnelBud: https://goo.gl/wZ9ZDr

Are we allowed to work with you if you or your sub processors store data outside of the EU?

Yes. This is allowed if our agreement with you allows us to do this as long as any subprocessors we may use follow GDPR standards. This is the case if we have have EU’s so called “Standard Contractual Clauses” (SCCs) in our agreements with our subprocessors.

(Note for FunnelBud Go clients: FunnelBud Go doesn't store any data outside EU.)

Are SCCs sufficient to be able to store data in the US?

Per the Schrems II judgement, while the Privacy Shield is no longer valid, SCCs still are and they are not affected by the decision.

By signing and adhering SCCs, the protection data subjects enjoy are on par with the requirements of the GDPR, and thus you can use these as a basis for transferring and storing data in the U.S.

Read our full analysis here: Are SCCs enough for you to transfer data to US with FunnelBud?

(Note for FunnelBud Go clients: FunnelBud Go doesn't store any data outside EU.)

Is it enough that we sign an agreement with you or do we need to sign also with your sub processors?

Since you are buying the software from us, it is enough that you sign with us as long as our agreement covers under which circumstances we can sign agreements with our sub-processors.

Can we automatically assume opt-in for customers who pay for our services?

When someone subscribes to something like a Breakfast seminar, is it automatically OK to send post seminar offers? Did they technically opt in to that?

What about leads already opted in, do we need consent? Do we need to send them an opt-in email?

No, we can store data for “legitimate interests” - see “In what circumstances can we collect data for marketing purposes?” above.

Are US-based support personnel supporting FunnelBud allowed to access EU data?

Yes, if we and our sub processors follow GDPR rules for how data should be processed.

When a contact is deleted in FunnelBud, is it according to GDPR regulations?

Yes, once a contact is deleted from FunnelBud no personally identifiable information remains.

More information

General about GDPR

FunnelBud's interpretation of GDPR for clients

Schrems II research

Can you store CRM and Marketing Automation data in the US?

Internal links (can only be accessed by FunnelBud employees):