GDPR Policy

FreshDataLabs is GDPR compliant in sourcing our business contact data and in processing
personal data. Our customers must themselves adhere to laws and regulations that apply to
their business and to their use of data that we provide. By way of example, anytime our
customers send marketing emails to their own customers, they must adhere to digital
marketing laws that apply in the particular data subject’s geographic locale.

FreshDataLabs is committed to complying with GDPR and follows privacy and security best
practices applicable to our industry.  We have aligned how we process and protect personal
data with applicable laws (both domestic and European). We adhere to applicable privacy and
security requirements of the GDPR and comply with ISO controls for security of personal data.
FreshDataLabs can collect and share this business data because the fundamental rights and
freedoms of the individual data subjects are not overridden by our legitimate business interests
regarding our publicly-sourced database.
FreshDataLabs provides our customers with names, professional titles, and business contact
information (“Business Data”) to help them locate and engage with other businesses (B2B
data).  We maintain a core database of Business Data that is derived from publicly-available
sources (e.g. company websites) and in some instances email addresses that have been
extrapolated by our systems based on corporate email patterns (e.g., first.last@company.com).
 FreshDataLabs does not provide individual consumer contact information (no B2C data), or
process sensitive personal data.

FreshDataLabs relies upon the “legitimate interest” means of processing the publicly-sourced
personal data that comprises our business contact database. We note also that Recital 47 of the
GDPR explicitly states that “the processing for direct marketing purposes may be regarded as
carried out for a legitimate interest.”

FreshDataLabs will continue our long-standing practice of permitting individuals residing in the
EU (and elsewhere) to opt-out of our database. Our privacy policy will continue to disclose the
right of individuals to request that we remove their name and business contact information
from our services.