Compliance

Our services

HandHeld Community is a cloud-based web app that provides two services:
 

  • URL link connected to a series of swipeable cards and promotional content

  • Content Management System for Operators to add content to be displayed on the URL link

End-user data

We are 100% GDPR compliant, to put it plainly - we don't collect or store any end-user data. 

Our platform automatically collects metrics about interactions generated from our campaigns, 

such as clicks, views, and dwell time. However, we don't collect IP addresses or any other personally identifiable information. The metrics that we present via our analytics dashboard cannot be traced to any individual.

Customer data

As a cloud-based web app, HandHeld Community is responsible for the security of protecting our customers' data on the services we provide. We only require our customers to provide the most basic level of information (such as an email address to be able to access your account) and this information is securely stored for us to be fully GDPR compliant. The HandHeld Community service has not been breached since the service first went live and we are continually implementing the latest security features available to ensure this will never happen in the future.

Please see our Privacy Policy for more details on this.

Customer responsibilities

If you use SMS to share your Handheld campaigns here is a quick reminder of what you need to bear in mind when doing so:

Legal obligations
 

Collecting customer data for your contact list is key. When building your contacts database, you have to ensure that you follow the regulations by the General Data Protection Regulation (GDPR) and The Privacy & Electronic Communications Regulations 2003. Under GDPR, you are the Data Controller. However you choose to compile your database, legal compliance is paramount.
 

The Information Commissioner's Office (ICO) has determined that an organisation cannot send a text message if the recipient has not agreed to it, unless:
 

  • the sender has obtained your details via a sale, or negotiations for a sale

  • the messages relate to similar goods or services offered by the sender

  • you were provided an opportunity to refuse receiving the texts when your details were collected and, if you did not refuse, you have been given a simple way to opt out in all the subsequent text messages you have received
     

For more information on compliance, please visit the ICO site.
 

If you are sending texts to existing customers, then follow the above rules. If you are sending texts to prospective customers, then you require them to have opted in to receive them first.

 

Always include an opt-out
 

Most SMS bulk services provide you with the opportunity to include a simple opt-out message in every SMS broadcast. 

 

Broadcast responsibly for best engagement
 

An additional benefit of responsible and legally compliant campaigns is that it can actually improve your customer response and conversion rate. 
 

Our top two tips:
 

  • Message rate: Texting too frequently to the same target base may raise the surge of opt-outs. Be careful how often you message. Don’t be intrusive.

  • Transparency: Your messages should very clearly state your identity and how one may opt-out. This will clearly differentiate your message from spam messages that the recipient may otherwise receive.