Two weeks ago, Mail Chimp (our customer Email provider) informed us that they were changing the T&Cs of their site. An innocuous email was sent out informing us of such, however one item that was noted is that, they store all their data in US and all data is transferred from EU under T&Cs accordingly. The moment Return to Player read this, we started looking for a new provider.
It’s not worth going into here in great detail but we have a real issue with the US data protection laws… or lack thereof. Unlike EU where we have an extremely robust personal data frameworks, data protection in the US is much undermined by federal security laws (2001 U.S. Provide Appropriate Tools Required to Intercept and Obstruct Terrorism (PATRIOT) Act, 2002 Homeland Security Act (HSA), and the 2002 Federal Information Security Management Act of 2002, to name a few that create real conflicts for true data protection). Put simply, having your personal data taken away from EU to be stored and processed in the US is a bad thing…we don’t want it to happen to us (ED – the staff) and so, we also don’t want it to happen to you. So we very quickly took action to replace Mail Chimp.
We’re taking the time to tell you of this because we want to be as transparent as we can with how we use you data. We also strongly believe that if you are affording us the opportunity to store your data by registering an account, or signing up to our mailing list, then we owe it to you to show you the same level of trust and ensure that your data is stored and processed in the safest way, underpinned by some of the strongest legislative instruments available.
Anyway, we spoke to Fresh Mail, Mailer Lite, and Send In Blue. All 3 confirmed they store your data within EU and they don’t send data outside of the EU. In the end, Mailer Lite was the provider we selected and within a day we’d migrated the data away from Mail Chimp to our new database at Mailer Lite. Hopefully you’ll not notice a change to service and it should be business as normal but rest assured the security attached to your personal data definitely has changed 😉