The General Data Protection Regulation (“GDPR”) is a new comprehensive data protection law in the European Union (“EU”) that updates existing laws to strengthen the protection of personal data in light of rapid technological developments, increased globalization, and more complex international flows of personal data. It replaces the patchwork of national data protection laws currently in place with a single set of rules, directly enforceable in each EU member state. The GDPR goes into effect on May 25, 2018.

Customers should be able to control their data and trust that information is protected when stored on any platforms’ servers. TextLab holds a strict data security and privacy standards, to comply with the General Data Protection Regulation (GDPR).

The GDPR regulates the “processing” of personal data of any EU resident (who is referred to as a “data subject”). “Processing” includes the collection, storage, transfer, or use, of personal data. This means that any company that processes the personal data of any data subject, regardless of where the company is based, is subject to the rules of the GDPR. Additionally, the GDPR defines personal data very broadly and includes name, email, demographic information, real-time location, online activity, and health information, to name a few. As a “processor” TextLab do not receive any personal information on data subjects, which could uniquely identify them (we use unique UID to interact with our customers the “data controllers”). Our customers the “data controllers” are required to comply with the GDPR regulations.

As defined between TextLab and our customers, TextLab is the “data processor” and the customer is the “data controller”, as such terms are defined under the GDPR. The data controller collects data from its data subjects (i.e. a customer’s end users) and define how and what personal data is processed. The data processor receives the data from the data controller and acts upon instruction from the data controller.

Yes. TextLab is committed to complying with GDPR and enabling our customers to comply with GDPR.

We understand the GDPR has robust requirements and obligations for both data collectors and data processors and we are committed to helping our customers use TextLab in a compliant manner.

  1. All agreements with Controllers shall mention explicitly the use of Amazon Web Services as a TextLab Sub-processor in the Processor contract with Controller.
  2. If TextLab is connected to a customer’s Marketing Automation Platform (Marketo, Pardot, HubSpot, Oracle or IBM), TextLab shall mention explicitly the integration with the Marketing Automation Platform in Processor Contract with Controller.

If you would like to reach our DPO (Data Protection Officer) or have follow-up questions please reach out to us at