It cannot have escaped your notice: starting from May the 25th, you have to comply with the European General Data Protection Regulation (GDPR). Never before, so many e-mails were sent to ask for your permission to keep e-mailing in the future. While on the 18th of May the message still was ‘can we have your permission’, it became around the 25the of may “if you don’t want to receive any more e-mails, then unsubscribe by using the button below’. So much for active consent. Many companies also change their general conditions or their privacy policy in the final hour. Nobody disputes that it is important to protect personal data, while we all, in the meantime, share our data rather easily with a (free) service such as Facebook. EMAKERS has also collected (your) contact details in the past. In doing so, we can share our knowledge and contribute to a better (e-commerce) world. However, many companies are wide of the mark when they approach GDPR as a necessity. Regulation. GDPR is about a fundamental right which touches the very heart of each company. At EMAKERS, we’re not holier-than-thou. Mea culpa: while we worked very hard behind the scenes to protect the personal data, we often had something better on our hands: a call for tender, urgent business for a client, or writing a news article about GDPR.

The most important improvements we have carried out are:

  • identification of which personal data are saved where, including a policy on the management of these data;
  • creation of a standard processing agreement;
  • creation of an agreement with our staff; for the protection of their personal data and how they handle your data or the data of your clients;
  • creation of a stricter privacy policy regarding who has access to your data or the data of your clients;
  • internal communication around the importance of caution when an employee processes your data or the data of your clients.


Although many companies are pretty decent, it is in practice often difficult to proof for each individual record whether or not there has been active consent in the past. The e-mails that were sent out en masse the week before the 25th of May have a lamentable conversion. We wonder whether all these senders will really stop e-mailing you when you haven’t reacted actively. EMAKERS itself has hardly carried out any e-mail bombardment (for clients) to ask for permission to keep on e-mailing. For us, it’s always been logical that everyone should be able to unsubscribe for further (commercial) communication on any moment. We sure still have some work to do. Next weeks, we’ll be working hard on:
  • further simplifying our general conditions and privacy policy; we have fully rewritten our general conditions last year, to formulate them more clearly; simplifying a legal text is rather difficult and our own privacy policy is not fully ready yet;
  • the creation of an extensive manual about how we will ask for permission in the future as best practice - this was already on our schedule before GDPR became a hot topic;
  • improving the full protection of our systems, because continuity is of utmost importance to us; this too was already on our schedule; we work with leading suppliers who already have one and another sorted out standardly, but nevertheless, it’s always a good idea to make an extra effort in the field of security.
The right to be forgotten and other additional rules have a lot of impact on a SME like EMAKERS. Therefore, we have decided for now to manually treat these applications 1-by-1, equipped with a simplified step-by-step plan. In this respect, we think it’s necessary to apply a pragmatic way of working, while we observe significant differences concerning the interpretation of the new regulation. It goes without saying that we will closely follow the developments, including possible legal proceedings of the data protection authority. We hope to keep on processing a lot of data in the future and we thank you for your confidence in EMAKERS.