The General Data Protection Regulation ("GDPR") is the primary law regulating how companies protect EU citizens' personal data which went into effect on May 25th, 2018.

You can learn more about GDPR at their official site.

Make The Link is compliant with GDPR. Make The Link's Privacy Policy explains how we use and protect Personally Identifiable Information (PII) as a Data Processor and in some cases, a Data Controller.

For more information, please contact privacy@makethelink.fm

Absolutely. Make The Link has implemented a consent method to collect and treat personal data that includes:

• Giving or withdrawing consent to tracking.
• Granular control over which tracking entities are accepted.
• Additional disclosures over what the cookies used for and by whom.
• Giving or withdrawing consent to PII collection and email marketing.

Giving Consent for Remarketing Pixels and Cookies

First, when visitors navigate to a Make The Link landing page, they will be asked to consent to cookies or can manage their permissions to opt out.

Managing permissions settings

At any time, visitors can navigate to a dynamic Privacy Settings tab to manage their permissions settings or opt-out completely.

First things first: the GDPR does not apply to everyone. In short, the GDPR only affects businesses and individuals who collect, organize, transmit, update, store, delete or otherwise use or work with the personal data of individuals located within the EU.

More specifically, the following groups are affected:

• Individuals or businesses located within the EU who are considered either personal data controllers or processors;
• Individuals or businesses not located within the EU, but who are considered processors or controllers of the personal data of individuals located in the EU;
• Individuals and businesses located in countries whose data protection laws are set to change alongside the GDPR — examples include the United Kingdom's proposed Data Protection Bill, Switzerland's updates to the Swiss Data Protection Act, and Norway's new Personal Data Act;
• Individuals or businesses not located within the EU or other European countries with data protection laws similar to the EU, but who are processors or controllers of the personal data of individuals located within these countries.

If you do not fit into one of these categories, then you don't need to worry about reading any further (unless you want to). For example, folks from the United States and Canada who are not collecting information from or sending emails to customers located within Europe do not need to worry about these updates.

For Make The Link users who are affected by the GDPR, our platform offers the tools you need to make sure the email marketing lists you built using Make The Link are compliant.

Per the GDPR, you must ask users explicitly if they wish to opt into your mailing list. Also, you must make clear what their information will be used for. To stay compliant, you will need to use an opt-in checkbox on your entry form, as well as post clear information to let users know what they are opting in to.

To stay compliant, we recommend adding a checkbox to your form that indicates the individual's desire to opt into your mailing list. Some options for the language you could use for the checkbox field include:

1. [ ] Yes! I want to receive emails from [YOUR BUSINESS NAME].
2. [ ] Sign me up for company announcements and industry best-practice emails from [YOUR BUSINESS NAME].
3. [ ] I want to receive up-to-date information via email, including product updates, coupons, special offers and contest announcements from [YOUR BUSINESS NAME].

Make The Link customers are allowed to email fans who have opted in. Any email addresses that you are able to operate are from users who opted in.

Furthermore, users may reach out directly to Data Controllers to be removed from your mailing list and have their data deleted. As Data Controllers, Make The Link customers must comply with all data protection laws and accommodate users who wish to have their data deleted or updated per Make The Link's Privacy Policy.

Personally Identifiable Information (PII) is information that can be used on its own or with other information to identify, contact or locate a single person, or to identify an individual in context.

General examples of PII are:

• First and last names
• Email addresses
• Financial records
• Credit card numbers
• National insurance/SSN numbers

Data collected by Make The Link can be found in our Privacy Policy.

We take our obligations regarding data compliance seriously and transparently. Like many cloud service providers, we have reviewed our data protection program and made adjustments to ensure compliance with GDPR.

Make The Link's ongoing commitment to data protection is evidenced in a variety of ways:

Security

• Make The Link only uses trusted and certified compliant data-centers (AWS and OVH carry with them certifications, including ISO 27001 and SOC).
• Make The Link is continually investing in our own and our partners' security infrastructure.

Data Handling

• All data is encrypted in transit using SSL and at rest using industry-standard AES-256.
• Advanced Intrusion Detection and Intrusion Prevention Systems are implemented within the infrastructure to detect and prevent data breaches.
• Advanced Security Event Logging & Monitoring (SIEM Solution) are implemented in Make The Link's infrastructure.

For more information, please contact privacy@makethelink.fm