The European Union General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). This article describes Drag’s GDPR compliance status.

If your company needs to ensure it is GDPR-compliant, it also needs to ensure its providers (e.g. Up) are also GDPR compliant. Up is GDPR-ready, and strictly enforces the regulation to protect users’ data we handle. The list of the users’ information we collect, as well as how we use, protect and share them is disclosed in our privacy policy, which can be accessed here.

Up is fully compliant with the regulation. Individuals in the EU have certain rights under the GDPR. Our audience management tools allow you to easily respond to data requests from your contacts—without a cumbersome process or waiting for someone to handle the request for you.

Here are some common questions and answers related to regulation and data protection.

Right of access

You can export data about individual contacts from your Up account, which can help you fulfill access requests

Right to be forgotten

You can delete contacts from your Up account at any time. And when someone is removed from your contacts, we anonymize their data in your reports so you stay compliant without losing any audience insights.

Right to object

If a contact objects to you processing their personal data you can remove them from your Up account at any time.

Right to rectification

You can access and update your contact lists to correct or complete contact information at any time. You can also create a preferences center where your Contacts can update their information and preferences on their own.

Right to portability

You can export any of your audiences, or selected information within any audience, at any time in your Up account.