Is it necessary to receive consent to process emails?
No, it is not strictly necessary. The GDPR provides six lawful bases for the processing of personal data. We rely on four of them, e.g. during the processing of the prospects’ email addresses we rely on the legitimate interest. You can find more information about it here.
What is legitimate interest?
The legitimate interest basis is one of the lawful bases for personal data processing under the GDPR. Legitimate interest may apply in cases when:
- processing of such personal data might be reasonably expected by the data subject
- its impact on the data subject’s privacy is not significant
- there is a strong, justified reason to carry out the processing.
We have defined that the processing of emails relies on our, yours, and the prospects’ legitimate interests which are the following:
- contribution to business cooperation between you and your potential prospects
- creation and assistance in discovering the new business-targeted marketing and sales opportunities for you and your potential prospects
- your interest in the expansion of the database of the potential prospects
- development of the new unique platform that simplifies and facilitates professional interaction between businesses
- your interest in the use of an online platform for businesses that combines sales, CRM, analytics, marketing, and email service functionality
- prospects’ interest in the approach of new potential and verified clients or suppliers
- prospects’ interest in commercializing the use of their publicly posted information related to their professional or business interests/occupation.
How does Snov.io ensure it has the right to process email contacts?
We do our best to ensure that our activities comply with the requirements of the GDPR.
The GDPR requires conducting a legitimate interest assessment in cases when the processing relies on this lawful basis.
Snov.io has completed such an assessment regarding all personal data whose processing is based on legitimate interest, including emails. We have verified that our acting as a joint controller during such processing does not override the interests or fundamental privacy rights and freedoms of the prospects.
You can read more about the processing roles of Snov.io here.
How does Snov.io fulfill the rights of prospects?
We do our best to comply with the requirements of the GDPR and applicable laws.
Snov.io fulfills the prospects’ rights as follows:
- undertakes appropriate technical and organizational measures to ensure secure processing and transfer of prospects’ personal data
- fulfills prospects’ requests regarding the processing of their personal data
- answers the prospects’ questions regarding the processing of their personal data
- processes prospects’ personal data on a lawful basis under the GDPR
- transfers prospects’ personal data only to the trusted partners.
Do you need to comply with the GDPR?
We would strongly recommend that you comply with the requirements of the GDPR as far as it is possible. Please note that you act as a joint data controller together with us regarding the prospects’ personal data you provide us with.
Important: as joint data controllers, we should cooperate and provide reasonable assistance to each other in order to ensure fulfillment of the prospects’ rights, so in case you receive requests from the prospect, you may contact us.
For more information, please check our Joint Controllership Agreement.
In some cases, our data processing activities fall under Brazilian data protection laws. If you want to find out how Snov.io complies with the LGPD, click here.
If you have any other questions about Snov.io, don’t hesitate to contact us at firstname.lastname@example.org or via live chat.