Consistently GDPR-compliant email marketing "made in Germany"

So you never have to worry about the security of your data.

More than just a requirement: data protection has always been an integral part of the rapidmail DNA. Long before the GDPR came into force, protecting our customers’ data was our highest priority. Why? Because we handle your data exactly as we would want our own data to be handled.

What our customers say about us
5 stars
Jessica
on OMR Reviews

The most intuitive and simple newsletter tool on the market

I think it's great that rapidmail complies with all GDPR requirements, has its servers in Germany, and is so easy to use.

5 stars
Marcel
on OMR Reviews

Secure data storage & all essential features

rapidmail’s servers are located exclusively in Germany. Data protection is a top priority here, which is becoming more and more important.

5 stars
Florian
on OMR Reviews

Excellent features and fair prices

Finally, we have found a newsletter provider that is GDPR-compliant.

Our promise to you:

100% GDPR-compliant email marketing software

We achieve this through key technical measures, continuous staff training, collaboration with our external data protection officer, and smart software features.

With rapidmail, there is no need to battle through GDPR legal texts

Servers located in Germany

All data is stored on servers in Germany. There is no risk of data being transferred to a third country or reliance on US corporations.

High-security data centre

To ensure maximum data security, we use a German data centre with the highest security standards.

ISO 27001 certification

Our data centre is regularly audited and certified under ISO 27001, confirming full GDPR compliance.

SSL encryption

All data transfers with rapidmail are secured with 256-bit SSL encryption and cannot be accessed by third parties.

Daily backups

We create daily encrypted backups, which are also stored on servers in Germany.

No data transfer

All data – including mailings, contacts, and statistics – is never shared with third parties.

Data protection officer Keyed GmbH

Our close cooperation with our data protection partner, Keyed GmbH, ensures our platform remains compliant even when laws change.

No sending to purchased email addresses

Maximum data protection for your email marketing

Data processing agreement in accordance with the EU GDPR

To ensure GDPR compliance, you can easily conclude the data processing agreement online in your customer account.

Sample text for your privacy policy in accordance with the EU GDPR

rapidmail provides a free privacy policy template, thoroughly reviewed by our data protection consultant at Keyed GmbH.

Intuitive features to help you stay compliant

Automatic double opt-in process

The safest way to obtain explicit consent from your contacts to receive your newsletter is applied automatically by rapidmail.

Delete contacts in compliance with the GDPR

Your contacts have the “right to be forgotten” – meaning the right to have their data deleted from all your systems. rapidmail allows you to delete contact data in full compliance with GDPR.

Unsubscribe link in every newsletter

Every newsletter created with rapidmail automatically contains an unsubscribe link. The link text can be customised.

Newsletter checkbox and privacy notices for sign-up forms

By adding a newsletter checkbox, you can legally protect yourself when registering new contacts. With rapidmail, you can also easily include privacy notices in your newsletter sign-up forms.

GDPR-compliant teamwork

With rapidmail’s user management, you can manage all access rights in your account and assign tasks within your company in a 100% GDPR-compliant manner.

Extensive data protection tips on our blog

by Nils Möllers, our rapidmail data protection officer from Keyed.

Frequently asked questions

To bring your newsletters in line with the GDPR and run legally compliant email marketing, you must meet the data protection requirements that apply to sending newsletters. The key steps to GDPR-compliant email marketing are:

  1. Obtain explicit consent from each contact you wish to email. The safest and easiest way in email marketing is the double opt-in process.
  2. Refer to the privacy policy on your website in the newsletter sign-up process. Inform your contacts how and why their data is processed for email marketing.
  3. Create a newsletter sign-up form with a maximum of one mandatory field, the email address.
  4. Do not automatically tie your contacts' newsletter sign-up to other services such as e-book downloads or prize draws without explicit consent.
  5. Conclude a data processing agreement with your newsletter provider.
  6. Store and process all contact data exclusively on servers within the EU.
  7. Include a functioning unsubscribe link in every newsletter and delete all stored personal data upon request, in accordance with GDPR guidelines for newsletter unsubscribes.

Because the General Data Protection Regulation (GDPR) imposes strict requirements on the processing of personal data, it’s vital to ensure complete compliance when choosing email marketing software. This ensures the lawful processing and storage of your contacts’ data, even when using an external tool. The most important GDPR-compliant features include:

  • Storing all contact data exclusively on servers within the EU
  • Newsletter sign-up forms with a double opt-in process
  • The ability to link to your privacy policy in the sign-up process
  • The option to include an unsubscribe link in every newsletter
  • The ability to delete contact data fully in line with GDPR (“right to be forgotten”)
  • Concluding a data processing agreement

In email marketing, the double opt-in process ensures subscribers give explicit consent to receive newsletters. This is necessary to prove lawful sending under the German Unfair Competition Act (UWG) in case of dispute, and to meet GDPR accountability requirements. In practice, GDPR-compliant email marketing requires the consent of your contacts. The only exception is sending newsletters to existing B2B customers. Here, under certain conditions, no separate advertising consent is required to send newsletters to existing customers.

Violations of the General Data Protection Regulation (GDPR) in email marketing can result in fines and penalties. Beyond the financial impact, companies that fail to comply risk damaging their reputation. Sending newsletters to contacts whose data was not obtained or processed in line with GDPR raises doubts about the legitimacy and trustworthiness of a business. Over time, this can cause customers to turn to GDPR-compliant competitors instead. This makes it all the more important to choose a newsletter tool that fully meets data protection standards.

Do you have further questions about data protection in email marketing?

For general advice on data protection in your business and tips on how to improve your compliance standards, feel free to contact our data protection partner, Nils Möllers from Keyed:

Nils Möllers

E-mail: privacy@rapidmail.com
Website: www.keyed.de

GDPR-compliant / Servers located in Europe / External data protection officer