As a general rule, if you process any personal data of EU residents, even just collecting or storing their names and email addresses, the GDPR may apply to you. While Marvelous is unable to provide legal advice, we encourage you to take the necessary steps to determine whether or not you need GDPR compliance.
We suggest you:
Familiarize yourself with the requirements of the GDPR. We have found the work of attorney Autumn Witt Boyd extremely helpful and encourage you to check out her GDPR training.
Review your sub-processors to make sure they are compliant with GDPR (a sub-processor is a third-party data processor such as Mailchimp, MINDBODY Online, or ConvertKit).
Review your email sign-up process with your email service provider. You need explicit consent to email users that sign-up either on your website or Marvelous site. The easiest way to get consent is to use a double opt-in or include a consent checkbox that the user must click in order to opt in to receiving emails. Please refer to ConvertKit's and Mailchimp's articles on their tools and processes for GDPR compliance.
What can you do on your Marvelous site?
How is Marvelous handling compliance with EU GDPR?
We take your privacy and the privacy of your students seriously and have taken steps to be fully compliant with the GDPR.
The steps we've taken are:
Retained outside legal counsel to ensure that we comply with the GDPR
Reviewed our sub-processors to make sure they are compliant with data protection policies and procedures that comply with the GDPR.
Assigned a privacy officer and created a process whereby our users can request access to or deletion of their personal data.
We will continue to adapt our policies and tools as the interpretation of these laws becomes more clear over time.
Contact Us 🧡
For any questions reach out to us in our live chat or send us an email at firstname.lastname@example.org 🙂