Amplemarket & GDPR
We prioritize privacy every day and in everything we do.
You should too: protecting your audience interests and personal data rights leads to better conversion rates.
Learn more below about why data protection means better business and how we ensure safety for privacy.
What role do you play in complying with data protection laws?
Growth demands relevance.
Everyone appreciates receiving information that benefits them.
In that context, the companies that grow are the ones able to show how they can be relevant to prospects. But it’s also through showing how you can provide value that you ensure that legal standards and ethical practices are maintained.
Our mission is to empower you to find and connect with an audience that finds you relevant.
Consent is not the only option. Legitimate interest is a valid legal ground for B2B outbound prospecting.
GDPR legislation considers “legitimate interest” as a legal base to collect and handle (or to “process”) EU personal data, as long as it’s not outweighed by fundamental “rights and freedoms,” taking into account data subjects’ “reasonable expectations” of how data may be used.
Our service acts on the “legitimate interest” base and we have put mechanisms in place to guarantee that the collected data is used by you in a thoughtful way, exactly to respect legitimate interest, e.g.,: we allow our clients to collect relevant information (e.g., liked posts) so they can hyper-customize the messages being sent, maximizing relevance for the receiver.
Thus, complying with data protection means better business.
A company that has difficulty proving legitimate interest is a company with no real relevance to its audience.
If your business is able to convey relevance, data protection should benefit you. Keep reading to understand how.
Top two tips to maximize your data protection compliance:
Tip 1 — Target with precision:
GDPR favors relevant companies. Legitimate interest generally implies processing that provides mutual benefit for the parties involved in the processing of data.
For you to stay compliant with the legitimate interest clause, you should be reaching out to prospects that will really benefit from your product or service.
A good way to guarantee this is by leveraging all the signals and search criteria on Amplemarket (keep reading to understand how) to identify which companies and people could benefit the most from the solutions you are offering.
Curious about legitimate interest?
For electronic marketing you won't need consent when you have (valid) legitimate interests as a controller. Because our database is solely based on publicly available professional profiles, we filter for people who are more open to receiving the specific opportunities you offer, enhancing business outcomes at their companies.
By collecting intent signals, we identify people that signal interest in receiving specific communications, avoiding any "unsolicited marketing".
Tip 2 — Use transparency to build trust:
It’s key to provide data disclosure statements when reaching out to prospects in order to stay compliant and build trust.
These disclosures are usually written at the top of emails, or spoken at the beginning of calls, explaining why they are being contacted.
Choose the method that makes more sense to both you and your legal team.
Why is disclosure so important for trust?
Relevance alone is not enough once you decide to take the next step.
Your audience will want to know more about how you found them and other details such as who you are and who is in control of their data doing what and how.
Article 14 of the GDPR has all the information you must share and that’s all you need for a trusting relationship.
How does Amplemarket help you comply with data protection laws?
Amplemarket ‘s privacy program is designed for our clients’ compliance as controllers in accordance with the highest standards set by Europe's General Data Protection Regulation (GDPR)*.
* Please note: we are using GDPR’s terminology but we do understand that under the California Consumer Privacy Act, regarding US citizens, we may be considered a Data Broker instead of a data processor.
We help you find the audience you are relevant to:
We maximize the accuracy of our data, so you know who you're reaching out to.
We help you find strong signals and narrow down your search to people who might really be looking for a solution in your space.
We help you craft the most relevant message for that prospect.
We focus on business contact data, so that the scope of your message is on the business instead of the personal realm.
We respond to all Data Subject Requests and make it visible on our tool that we respect their right to erasure or opt-out from being contacted.
We give you control, so you adapt to your needs.
We give you the chance to exclude whole regions from the database your team has access to (geo-fencing).
We let you upload lists of prospects to exclude (exclusion lists).
We use machine learning to automatically add opting-out prospects to those exclusion lists.
How does Amplemarket maximize privacy security?
We take security very seriously and carry out annual audits on the SOC 2 Type II framework by leading external cybersecurity auditors.
Please refer to our Trust Center for more information.
We undergo annual penetration testing.
Every year, our system is subject to a third party penetration test and we share the yearly report evidencing any potential vulnerabilities on our Trust Center.
Data management and security:
Our services are hosted with US-based data centers, with rigorous data protection agreements with our vendors.
We ensure rigorous authentication and authorization measures, and secure API access to prevent unauthorized product use.
Access is restricted to certain employees based on their roles to ensure effective support and security management, with semi-annual reviews.
Encryption in transit and at rest:
Any data stored at rest is encrypted using capabilities provided by our cloud infrastructure provider and application secrets are stored via secret managers.
All communication over public networks and among our services is encrypted with industry standard protocols.
Monitoring and redundancy:
We use industry-standard access controls, logs system behavior, and conduct code security reviews to manage and respond to security incidents, with timely notifications to affected customers.
Our services maintain at least 99.5% uptime.
Backup and replication strategies across multiple data centers ensure data integrity and availability. We have a Recovery Time Objective and Recovery Point Objective of under 24 hours.
Data use and customer management:
Data collected from you is used exclusively to provide and improve services, adhering to strict purpose limitation principles.
And you do control your data, with clear mechanisms for data purging upon request or contract termination, ensuring compliance with data lifecycle requirements.
We ensure integration security.
Data you bring into Amplemarket is secured by protocols such as OAuth when connecting to other SaaS services like Google, Microsoft, Salesforce or Hubspot, ensuring no credentials are stored.
How is GDPR-compliance assured?
Our product allows you to be compliant at scale.
We enable unsubscribe links in all your sequenced emails.
And introduce an automated footnote to inform the prospect of the legal grounds, based on which you’re reaching out.
“P.S.: I reached out because I genuinely think you might benefit from what we do. If you don’t want to hear from me again please don’t hesitate to let me know.”
Standard contractual clauses for international transfers.
We created a comprehensive data processing addendum (DPA) specifically designed for the adoption of the standardized and pre-approved model data protection clauses that allow you to comply with your obligations under the European Union data protection laws for international transfers.
This addendum covers transfers from the European Economic Area, Switzerland, and the United Kingdom.
Lead fencing mechanism for the EU.
To address your concerns about contacting prospects located in the European Economic Area, we have enabled features that allow you to select prospects based on the individual’s location.
If you wish to avoid contacting prospects located in this area, you can do so within Amplemarket.
Much more:
Once you receive our contractual documents and use of our services you will find many more commitments and measures.
But, please, feel free to ask us for a transfer impact assessment if you believe additional information is required before moving forward.
What data do we work with?
We do not provide or collect consumer-focused data such as age, health, web browsing history, health records, or economic status, nor do we collect any information that may be deemed as sensitive information.
You will not be targeting individuals within a specific organization, according to their role and their company’s industry.
We are in the business of leveraging businesses. Our data is strictly business-oriented.
Still have questions?
We invite you to look at our Privacy Policy or contact us at privacy@amplemarket.com.
Previous user looking for updating your personal information?
Contact us at privacy@amplemarket.com.
You’re not a user but want to know if your data is on our database?
Feel free to email us at privacy@amplemarket.com. We are more than glad to inform you if we are processing your publicly-available data and which controllers you can contact to exercise rights, such as understanding what data we may possess and how to edit or delete that data. If you don’t want to contact the controllers yourself we are also more than glad to reach out to them and request authorization to take those actions directly for you.
