AdamSwish

Hi Orla Under GDPR you have to be able to completely delete a user's / customer's personal information if requested to do so. It's captured under the "right to erasure" or commonly called "the right to be forgotten". Currently, Squarespace allows you to remove a user from a mailing list (so you would no longer send them campaigns), but you cannot delete that user from your profile. This can't possibly be GDPR compliant so I have had to find an alternative solution to Squarespace email lists and campaign.

Hi Parker, Please see my post a little earlier in email-campaigns. It's titled GDPR - Not Compliant. Could you cover this in a webinar as I can't possibly see how the current email lists and campaign functionality complies with GDPR or equivalent laws in Europe and the UK. The inability to delete a users email from your profile means you cannot comply with the right to erasure - for clarity, I understand you can delete people from a mailing list but the law states their personal information must be completely deleted, not just removed from a mailing list. This in turn exposes users to a fine of up to 2%-4% of annual turnover. That would be incredibly helpful as, as it stands, SS email collection and therefore campaigns is unuseable in those jurisdictions. Many thanks.

Under the right to be forgotten (GDPR) if someone asks for their data to be deleted from your records then it must be entirely removed. That doesn't mean taken off of a mailing list, it means "forgotten", gone, deleted. The current functionality in Squarespace allows you (or the user) to delete a users email from a specific mailing list but not completely from your profile. So they would not receive campaigns/marketing emails anymore but they are not forgotten. It is not possible to delete someone from your profile and therefore impossible to comply with this law. I cannot see how email lists and therefore campaigns through squarespace can possibly be used anywhere where GDPR or equivalent rules apply? To be clear on the importance of this, the penalties for a breach range from 2% to 4% of annual global turnover of the business in breach. Has squarespace made a statement to the contrary as I can't find one? For clarity the Information Commissioners Office states the right to operate as per the attachment.