The European Union and the United Kingdom have been leaders in writing regulations to protect something we’ve long known you value — your personal information and privacy. We talked about the basics of GDPR protection last month; now it’s time to talk about what’s changing.
For us, it’s been an opportunity to make sure that our practices are in line with our values.
For FastMail, not much is changing. We have high standards for ourselves, and you don’t have to change much if you aren’t monetizing customers’ personal data! Where we’ve spent the bulk of our time (besides converting our policies from code into words) is thinking about areas where being helpful comes into tension with privacy.
We pride ourselves on solving unusual problems like buggy mail client behavior, and helping customers out of tough situations (even when that tough situation is something like "my aged parent forgot to pay for their account for two years.") It feels great to go above and beyond for customers! But this process made us think about what kind of personal data might be collected incidentally in the logs we use for debugging, or how long a reasonable person might expect that their information is retained if they choose not to pay for an account.
Reducing our data retention periods, especially in the case where the retained data was likely to contain personal customer information, was one of our biggest changes. We’ve tried to strike the right balance between making sure you still get the support you expect from us, and protecting your personal information.
One of GDPR’s other major goals is to try to keep companies from passing the buck in the case of a breach of personal information. As such, corporations that process data on behalf of other people need a contract with all the vendors they use who might hold that information. That contract is a Data Protection Addendum. If you’re an individual, you get your services directly from us, and you don’t need a DPA.
If you’re a corporation, and you do need a DPA, it depends which product you’re using, for:
training on security and privacy considerations, and are explicitly empowered to question decisions we’re making in all our products to make sure we’re always making good choices around your privacy.
Our revised documents and new related resources:
If you have further questions about GDPR, your data, or your privacy rights, feel free to reach out to our support team for assistance. Thank you for using FastMail!
New Years’ is the time for making plans! We are excited to announce that we have made some updates to Fastmail’s calendar to help you along the way.
You may still be tracked even while using a “private” window like Incognito or VPN. Here are the best private browsers to protect your privacy.