GDPR Spring Recipe

GDPR Spring Reicpe

GDPR Spring Reicpe – With GDPR under our belts two years now, a lot of dust has settled and companies are getting used to including the right ingredients to keep their data fresh and compliant.

Zingo has been at the forefront of brewing the processes and software to ensure compliance.

We often get asked for international data protection legislation and although we cannot give legal advice, we have grown a range of helpful notes for our customers. So, to help you get an idea of the varying rules within Europe we have put together a recipe card for EU data protection, however, we must stress you should season it to your needs.

EU Data Compliance Guidelines

This document is an ongoing basic review to create a road map to help ensure Zingo and clients stay within the regulations to manage risk and enhance marketing performance.

All emails within our data sources have been given the ‘Right to be Informed’ and are processed in line with GDPR and PECR. - Meeting
  • Almost all countries require ‘General Data Security Obligations’, this means that data is kept secure at all times and first party vendors ensure third party vendors also comply with data security processes.


  • An unsubscribe link & clear identification of the sender is required on all messages, so it is both lawful within Europe and good practice to always include an unsubscribe.


  • The appointment of a data protection officer when processing large volume data is required but at any size having one person familiar with the rules and risks is a sensible option. If you do not have somebody available in house, 1 Stop Data can help you manage your compliance obligations.

EU Countries with similar opt-out protocol

  • Croatia
  • Estonia
  • Finland
  • France
  • Hungary
  • Ireland
  • Latvia
  • Portugal
  • Slovenia
  • Sweden
  • United Kingdom

Countries in the EU where Opt-in applies

  • Austria
  • Belgium
  • Bulgaria
  • Czech Republic
  • Denmark
  • Greece
  • Iceland
  • Italy
  • Lithuania
  • Luxembourg
  • Netherlands
  • Norway
  • Poland
  • Romania
  • Slovakia
  • Spain

Countries in the EU where double Opt-in applies

  • Germany
  • Switzerland
EU Compliance Guidelines

Data transfer

Countries white listed for data transfer from the EU include EEA Countries The EEA countries consist of the EU member states and the EFTA States.

The EU member states are Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden and the United Kingdom.

The EEA states are Iceland, Norway and Liechtenstein. The EEA Joint Committee has made a decision that the GDPR applies to those countries and transfers to those countries are not restricted.

Andorra, Argentina, Guernsey, Isle of Man, Israel, Jersey, New Zealand, Switzerland and Uruguay.

The Commission has made partial findings of adequacy about Japan, Canada and the USA (with Privacy Shield only).

This information is provided as a guide for Zingo’s customers and is not meant to be used as legal advice. Zingo strive for data excellence ensuring data compliance, up-to-date information and accuracy at all times.

If you have any questions regarding data compliance, please Contact Us.