How MailerLite stays GDPR-compliant

Our team has worked hard to become a fully GDPR-compliant email marketing platform. At MailerLite, protecting your privacy is our top priority, and we’ve succeeded in making sure our company and services are GDPR-friendly from start to finish.

We have all the necessary documents and GDPR appropriate technical and organizational measures in place to ensure a high level of personal data protection. Please read our Privacy Policy, Security Statement, and Cookie Policy to know more about how we process and protect personal data in accordance with data protection laws and good industry practice.

We offer a Data Processing Addendum (DPA) that meets GDPR requirements and reflects our data privacy and security commitments. Recently, the DPA became an integral part of our Terms of Use, therefore, there is no need to sign it anymore. Once you agree with our Terms of Use, you agree with our DPA at the same time.

We use our carefully selected sub-processors in order to provide the highest-quality email marketing services to you. According to GDPR requirements, you can find a list of our sub-processors included in our DPA as Annex No. 3. All of our sub-processors are based in the EU.

Our data center service provider provides all the necessary security measures for data protection and processing. Our services are hosted by a trusted and certified data storage center located in the European Union that has an information storage security certificate. You can rest assured that your data and your subscribers’ data is safe with us.

In order for you to be GDPR-compliant as a data controller, you can manage your subscribers’ data with our GDPR-friendly tools which will help you fulfill any data subjects’ requests, regarding their right to portability, access, to be forgotten, etc.

If you have any questions about data protection, please feel free to review our GDPR-related blog posts and videos.