• Guidance by our experienced support team
  • European based - GDPR Proof
  • Over 11,000 active users
Free 14-day trial
Log in

Sub-processors overview

Privacy Verified logo zwart

The privacy of you and your customers ensured

MailBlue annually achieves the Privacy Verified certificate to demonstrate that we comply with the latest GDPR regulations.

More information

Sub-processors where your data and that of your contacts may be processed​

Goal:
Email marketing and CRM software.

Explanation:
ActiveCampaign is also the provider of the email marketing software you use with MailBlue. Only in ActiveCampaign’s system are the data of your customers, leads, etc. stored. The data you enter into your email marketing account is only stored with ActiveCampaign (and its sub-processors). In addition to using ActiveCampaign for marketing, we also use ActiveCampaign’s Postmark for sending transactional emails, such as password reset, account renewal reminders, and more.

Storage location: USA and EU*

* Since March 2024 it is possible to request an account hosted on the European datacenter of ActiveCampaign.

Additional SCC measures: (a) Pseudonymization and encryption of Personal Data (including during transmission); (b) Ensuring ongoing confidentiality, integrity, availability, and resilience of processing systems and services; (c) Ability to restore availability and access to Personal Data promptly in the event of a physical or technical incident; (d) Regular testing, assessment, and evaluation of the effectiveness of technical and organizational measures to ensure processing security; and (e) Ability to allow data portability and ensure erasure of Personal Data (including by Subprocessors)

Data Privacy Framework: ActiveCampaign currently has an active certification for the Data Privacy Framework. For details, visit the Data Privacy Framework website.
Data Privacy Framework

Goal:
Sister organization; outsourcing of services.

Explanation:
If you use additional services from us, such as onboarding, your data may be processed by our sister organization, Blue Agency.

Storage region:
EU

Subprocessors where your data may be processed

Goal:
Email marketing and CRM software.

Explanation:
ActiveCampaign is also the provider of the email marketing software you use with MailBlue. Only in ActiveCampaign’s system are the data of your customers, leads, etc. stored. The data you enter into your email marketing account is only stored with ActiveCampaign (and its sub-processors). In addition to using ActiveCampaign for marketing, we also use ActiveCampaign’s Postmark for sending transactional emails, such as password reset, account renewal reminders, and more.

Storage location: USA and EU*

* Since March 2024 it is possible to request an account hosted on the European datacenter of ActiveCampaign.

Participant Data Privacy Framework program:
Yes

Purpose:
Project management. If you subscribe to additional services with MailBlue, such as onboarding, your data may be managed by our sister organization, Blue Agency, within our project management system, Asana. This system does not contain any data of your contacts that you have in your email marketing platform.

Storage Region:
USA

Participant Data Privacy Framework program:
Yes

Purpose:
Sister organization; outsourcing of services

Storage Region:
EU

Purpose:
Appointment automation

Storage Region:
USA

Participant Data Privacy Framework program:
Yes

Purpose:
Hosting login.mailblue.io

Storage Region:
NL

Participant Data Privacy Framework program:
Yes

Purpose:
Email, calendar, forms, Google Ads and other Google services

Storage Region:
EU / US

Participant Data Privacy Framework program:
Yes

Purpose:
Accounting System

Storage Region:
EU

Additional Measures:
In Dutch; see: https://www.moneybird.nl/kennisbank/hoe-veilig-is-mijn-data-in-de-cloud/

Purpose:
Digital contract signing

Storage Region:
EU

Additional SCC Measures:
The Technical and Organizational Measures include measures to encrypt Customer Personal Data; to help ensure ongoing confidentiality, integrity, availability, and resilience of SignRequest’s systems and services; to help restore timely access to Customer Personal Data following an incident; and for regular testing of effectiveness.

Purpose:
Internal communication

Storage Region:
USA

Participant Data Privacy Framework program:
Yes

Purpose:
Web hosting provider

Storage Region:
NL

Purpose:
Automation

Storage Region:
USA

Participant Data Privacy Framework program:
Yes

Purpose:
Ticketing system

Storage Region:
USA

Participant Data Privacy Framework program:
Yes

Purpose:
Customer engagement tool
(e.g., pop-ups, messages, etc.)

Storage Region:
USA

Participant Data Privacy Framework program:
Yes

Do you want to stay informed about GDPR changes such as updates to subprocessors or changes to the data processing agreement? Subscribe to our updates.

Subscribe
MailBlue logo wit

Features

Campaigns
Automations
CRM
Landing pages
Personalizaton & segmentation
Integrations

Support

Resources
Getting Started Guide
Support ticket
Status

Company

Benefits
Affiliates
Privacy Verified Certified
MailBlue vs. Mailchimp

MailBlue B.V.
Reduitlaan 25C
4814DC Breda
The Netherlands

info@mailblue.io

CoC: 68740077
VAT: NL857570869B01

Facebook Instagram Youtube Linkedin Spotify

Terms and conditions

Privacy Policy

Legal information

Cookie settings