General Data Protection Regulation (GDPR) compliance

The GDPR is a set of data protection rules that apply to businesses providing services to individuals in the European Union (EU). The GDPR requires that those individuals have control over their personal data. The GDPR also specifies how personal data may be collected, processed, and stored.

In compliance with the GDPR, MailmanLists' Privacy policy describes what personal data is collected (and why), how it is kept secure and private, and how it can be accessed or removed.

Data Processing Agreement

A Data Processing Agreement (DPA) is an agreement between the entity that controls personal data (the controller -- you or your organization) and the entity that processes that data ( the processor -- MailmanLists). The agreement outlines the roles and requirements of the contoller and the processor.

Do I need a DPA?

If you or your organization use MailmanLists' services for business purposes, and you or your business are located in the EU or deal with EU citizens, you should enter into a DPA with MailmanLists.

You can request a DPA with MailmanLists and we'll prepare one which you can download. You'll then return a copy of the signed signature page to us.

Note: DPAs are in English only.

Requests for DPAs can be sent to: privacy [at]