Changes to our DPA

We have changed our DPA to reflect a change in one of our sub-processors.

With the Schrems II verdict, we moved our sub-processors to the EU. Our main data processing were already in the EU, but email sending and SMS sending was handled by sub-processors in the US.

This move has only caused us frustration as our email provider doesn’t live up to our level of quality. The result is delayed emails and emails not being delivered.

As the EU has worked out a way for us to now use a sub-processor in the US without losing our GDPR compliance, we are now announcing that we will be starting to use Postmark as our sub-processor for email sending.

We’re only doing this, because we feel just as safe with this specific company located in Chicago. This isn’t another Silicon Valley company harvesting your privacy to sell or profit from ads. This is a company much like us. People first with a focus to enhance peoples lives not harvest them.

Not only do we trust them, we also know they take data privacy seriously. Please read on.

Postmark has implemented SCC’s to comply with the EU laws on GDPR.

A few touchpoints that we have emphasized during our assessment of why we trust them:

  • Postmark has implemented Standard Contractual Clauses to comply with the requirements of Regulation (EU) 2016/679 of the European Parliament. This will ensure that the data transfer mechanisms are in place as well as a legal basis to do the international transfer.
  • Postmark states the following: “Data transferred from our customers to our servers is encrypted via SSL that is configured to meet or exceed all industry standards. Cold data at rest is encrypted with 2048-bit RSA.

    Even though Postmark itself has not undergone a SOC audit, our data center has. We can provide a copy of the SOC report for the data center after completing an NDA.”

  • Postmark states: “The data centers we use demonstrate ongoing compliance with rigorous international standards, such as ISO 27017 for cloud security, ISO 27018 for cloud privacy, SOC 1, SOC 2, and SOC 3, PCI DSS Level 1, and more”

These are just a few. You can read about Postmarks security in more detail here.

Postmark will be replacing Sendinblue as our sub-processor for transactional emails. (Email notifications from Smartplan).

We have published a new version of our DPA on your account.

You can go to “Settings” and to the bottom of the page to download. We have also published it publicly on our website here.

Smartplan is a perfect match for your business

It’s easy to switch

Whether you’re currently using scheduling software, Excel or even a pen and paper, switching to Smartplan is quick and easy.

It just works

Smartplan combines a simple, user-friendly interface and powerful scheduling tools to create a system that just works.

Take care of your bottom line

We’ve ditched unnecessary frills and functions to give you the most cost-effective solution.