Hi! Perhaps (just like us) you’re just about to wipe the sweat off your brow on the home stretch before the GDPR enters your PR reality. As your friends from Prowly, we’ll try to answer all your most important questions and dispel any doubts you might have in relation to our role in the new reality of managing personal data in PR processes. Also, we want you to be up to speed with all the functionalities we’re planning to launch in the near future. Meet the GDPR Manager that will help you manage your media contacts in this new legislative landscape.
The entry into force of the GDPR is a great opportunity for you to double-check your contacts and “cleanup” your media contacts database and remove those contacts that are disengaged or no longer valid. Focus on relations. After all, this is what you’re best at. And don’t risk sending your press releases and/or other materials to people who don’t want them. It’s not going to work. And as of now, it won’t pay either.
Once you launch the GDPR Manager, or ,in other words, an extension patch for our contacts management module(Audience), Prowly will guarantee the proper level of protection and allow to take the necessary care of the data throughout their lifecycle. Our app gives you the possibility of actually implementing the security policy for media contacts databases in your company processes. We’ve got you covered.
Compliance of our application with the GDPR | ||
---|---|---|
RODO requirements | What we are preparing | Status |
Terms of Service | Revision of the Terms of Service to ensure compliance with the new regulations. | Available |
PrivacyPolicy | Revision of the Privacy Policy to ensure compliance with the new regulations. | Available |
Data register | Recording activities related to the processing of personal data. | Acceptance testing |
Data exports | Possibility of exporting data in response to a request for specifying what data is stored for a particular contact. | Acceptance testing |
Removing contacts | Permanent deletion of data; anonymization. | Available |
The right to be forgotten | The exercise of the right to be forgotten. | Available |
Cookies Policy | Making information on the cookies policy available. | Acceptance testing |
Collection of email addresses | Collecting email addresses including the indication of processing purposes. | Acceptance testing |
Additional functionalities for protecting personal data in Your database (Audience + GDPR Manager)
Category | Description | Available in every account | Available in GDPR Manager | Status |
---|---|---|---|---|
General | Enabling/disabling protection on the account. | x | x | Acceptance testing |
Contact details | Manual identification of contacts for which we have consents for the protection of personal data (mass and individual). | x | x | Acceptance testing |
Scopes and purposes of data processing | Creating scopes and purposes of the processing of personal data and assigning them to contacts in the database. | x | Acceptance testing | |
Contact details | New information on the contact’s card – whether a given contact is subject to the GDPR/has given consent. | x | x | Acceptance testing |
Contact details | New information on the contact’s card – for which purposes a given contact has given consent/to which sets of purposes a given contact is assigned. | x | Acceptance testing | |
Obtaining consents for the processing of personal data | Mass/individual distribution of a consent form. | x | Acceptance testing | |
Obtaining consents for the processing of personal data | Personalization of the consent form. | x | Acceptance testing | |
Obtaining consents for the processing of personal data | Outbox with mailing history. | x | Acceptance testing | |
Obtaining consents for the processing of personal data | Individual (for every Prowly account) inbox for forwarding consents obtained via email. | x | Acceptance testing | |
Contact details | Assigning consents to contacts. | x | Acceptance testing | |
Contact details | Assigning consents to sets of processing purposes. | x | Acceptance testing | |
Control of mailings | Automated blocking of mailings in the case there is no (entered manually or expressed through the GDPR Manager) consent for the processing or data. | x | x | Acceptance testing |
Control of mailings | Automated blocking of mailings in the case there is no (entered manually or expressed through the GDPR Manager) consent for a specific processing purpose. | x | x | Acceptance testing |
GDPR and GDPR Manager –Q&A
- Will Prowly allow me to collect consents for the processing of personal data?
Yes, with GDPR Manager, you will be able to obtain consents from contacts in your database. - What is Prowly’s role in the processing of personal data?
Prowly acts as the processor. This means Prowly is not the owner of data received (entered in the application) from the data controller and only processes this data on behalf of the controller, that is, the customer. - Who is the controller of the media contacts database I’m using within my Prowly account?
The controller of the media contacts database is the one who decides on the purposes and means of the processing of personal data. Under the GDPR, “controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. - Who is responsible for the correct processing of data within my Prowly account?
The ultimate responsibility for the accuracy of the processing of personal data lies with the controller. However, by constantly refining its product, Prowly makes every effort to provide its customers with support in this area. - Will having a Prowly account ensure I’m fully GDPR compliant?
No. As a tool, Prowly provides functionalities which — when used properly— help our customers design a personal data processing practice that will be GDPR compliant. - After the entry into force of the GDPR, will it still be possible to send emails to contacts in the Prowly database?
Yes, if you have collected the required consents for the processing of your contacts’ data from journalists and entered them to the tool or you’ve verified them manually. If you don’t have the required consents, you should collect them ahead of time (e.g. using the GDPR Manager) and only then go ahead and send out your mailings.
Get GDPR Ready with Prowly in Five Steps
Step 1: Accept the Data Processing Agreement
After logging in to the app, you will be displayed a screen with a request to accept the Data Processing Agreement (by electronic means).
Step 2: Collect consents from yourkey contacts
If you still don’t have the required consents, and you know you should, don’t wait — ask your key contacts for permission to process their personal data (preferably by email, as following the release of the GDPR Manager, you will be able to easily upload all consents to the app and assign them to individual contacts).
Step 3: Upload consents to Prowly
In view of the amended regulations, on the date of implementation of the personal data protection functionality (of which you’ll obviously be informed) in Prowly, the data protection by default option will be enabled in your Audience database. You will be able to disable this protection option at the level of your entire media contacts database, assign previously received consents to individual contacts, manually indicate that you’ve received consent(s), or simply send out consent forms to the contacts of your choice.
Step 4: Take care of your Brand Journal’s Privacy Policy
If your company has a website, I’m sure you’ve already updated its Privacy Policy. Don’t forget to also put it on your Brand Journal — to do that, you can use the Press Kit, create a dedicated story-like Privacy Policy tab, or add a link redirecting to the Privacy Policy to the description of your Brand Journal on the home page.
Step 5: Keep current with collecting consents
Remember that each time you create new contacts in your database, you should ask them for their consent to the processing of their personal data for selected purposes. GDPR Manager won’t let you forget about that.