GDPR-compliant disclaimers on your Exchange Server

GDPR-compliant disclaimers on your Exchange Server

The introduction of GDPR, the European Data protection law, has caused companies all around the world to revise the way they handle personal data. This is, no doubt, a great responsibility which often includes setting up a complicated process and adjusting internal procedures. On the other hand, it is worth remembering that those changes are designed to ultimately ensure the privacy and security of consumers’ personal data. Because of that, you might view GDPR as an opportunity, and not only as a heavy burden. European-based customers are more likely to trust your organizations which have a clearly-formulated privacy policy and care for the security of personal data. GDPR compliance might become a deciding factor when a customer is faced with a choice between you and your competition.

Fortunately, the on-premises Exchange Server gives you many opportunities to get closer to a complete GDPR compliance. One of the features that help you achieve it is adding GDPR compliant disclaimers to your emails.

Disclaimer: You cannot achieve GDPR compliance by simply adding an email disclaimer. At the same time, the right use of email disclaimers can help you become GDPR compliant. Here is how you can use the GDPR-oriented email disclaimer:

  • Include an unsubscribe link. GDPR requires you to provide an easy way for your users to cancel consent for a subscription. Email disclaimer attached to every email correspondence is a perfect way to achieve just that.
  • Inform your users that you are GDPR compliant. The introduction of GDPR is a great opportunity to build a good impression among your customers. People are more likely to trust a brand which takes pride in its GDPR compliance and has a clear privacy policy. Email signatures and disclaimers are a great place to show that you care about the security and privacy of the personal data you process.
  • Processing information. GDPR introduces Information obligation. Simply speaking, it states that you need to inform people you contact that you process their personal data (and how). This information should be easily accessible and clearly formulated. Including a link to your organization’s processing information makes it easier for your clients to learn more about how you ensure their personal data security.

GDPR-oriented email disclaimer examples

Below, you can find sample GDPR-oriented email disclaimers:

All information and attachments included in this email are confidential and intended for the original recipient only. You must not share any part of this message with any third party. If you have received this message by mistake, please let us know immediately, so that we can make sure such a mistake does not happen again, and delete this message from your system.

[Company] places the highest priority on the security and privacy of our Clients. Therefore, we have put our efforts into ensuring that this message is free of errors and viruses. Despite our efforts, you should always scan all emails for any threats with proper software, as the sender does not accept liability for any damage inflicted by viewing the content of this email.

The security of your data is one of our greatest concerns. That is why we put extra effort into ensuring your data is always safe and up to date. Contact us if you want to access or change your personal information or if you want us to remove it completely from our database. If you do not wish to receive more emails from us, click unsubscribe.

Here at [company], we care for your privacy. That is why we have taken appropriate measures to ensure that the data you have provided to us is always secure. If you have any questions related to GDPR compliance or data protection, please contact our Data Protection Officer.

Our company is fully GDPR-compliant. To learn more about how we comply with GDPR and, as a result, care for the security and privacy of personal data we collected from you, visit this page.

Another good idea is to include an eye-catching GDPR compliance badge in your email signature and link it to your dedicated GDPR compliance website, or your privacy policy.

Setting up automatic email disclaimers on Exchange Server

Exchange Server offers you a native method of inserting disclaimers to emails.

Although Exchange Server lets you insert automatic email disclaimers and email signatures to your messages, it suffers from some limitations, to mention a few:

  • The Delegation of signature/disclaimer management impossible. Which means that you cannot give your legal team an option to create email disclaimers without giving them administrative access to your company’s Exchange Server
  • Signatures/disclaimers are not visible in Sent Items. Although server-sided email signatures and disclaimers have a greater chance of being appended to outgoing emails, there is no native way to see them in Sent Items Because of that, it is hard to ensure if the GDPR compatible disclaimer has been successfully appended or not.
  • Disclaimers and signatures are pushed to the end of the conversation. There is no way to insert email signatures and disclaimers directly under replies and forwards. This makes it harder for the recipients to find the unsubscribe link and any information you wish to convey through the disclaimer.

To overcome those native limitations and unblock additional email processing features, you can use CodeTwo Exchange Rules Pro.

CodeTwo Exchange Rules Pro is a mail flow and email signature manager trusted by thousands of Exchange Server administrators. The software lets you add server-sided professional email signatures and disclaimers to your emails and comes with broadens capabilities of the native Exchange Server mail flow rules.

For more information,please contact with your business partner.