GDPR Compliance

At MoEngage we take data protection and privacy seriously. We firmly believe in respecting our customers and their respective users’ privacy rights.

GDPR Compliance

We Support GDPR Compliance for Our Partners

Our Approach to GDPR Guidelines

The General Data Protection Regulation (GDPR) framework sets guidelines for the collection and processing of personal data of individuals who live in the European Union (EU). This regulation aims to give users complete control over their own data. With MoEngage, you can comply with GDPR and establish trust with your brand by informing users about the data collection scope and purpose.

featured image

GDPR Implementation with MoEngage

In terms of data handling, MoEngage processes personal data on clients’ behalf, according to their instructions.

However, when it comes to personal data collected from clients’ employees that hold EU passports, and EU citizens that visit our website, MoEngage collects and processes their data through marketing programs adhering to GDPR guidances.

featured image

Security - Core to Our Culture

Security is embedded throughout our organization, from our products to the people. We have set up a ‘security by design’ team which consists of product managers, engineers, and compliance experts, who ensure we have the controls and processes in place to safeguard your data while making continuous improvements as a mandate.

featured image

We Support Your GDPR Compliance

At MoEngage, we go beyond data processing for our clients, we enhance their user experience by automating data collection requests, enabling user data export, and providing options for user data deletion on demand. All these measures allow our clients to comply with the GDPR regulations for the EU citizens with more ease.

featured image

Frequently Asked Questions

Right to be informed

What does this mean?

The GDPR informs the processing of user personal data by brands. It also calls for more transparency in terms of the scope, storage, and purpose of critical personal data collection that needs to be communicated to customers.

Our recommendations

Under GDPR you need to inform your customers about the scope and purpose of their personal data collection. Many of our clients include information about data privacy on their websites and provide their users with easy access to relevant policies. While creating your Privacy Policy, make sure to disclose the info regarding your data sharing with third parties that might process users’ personal data on your behalf, and provide additional information.

Right to Access

What does this mean?

The data subject under GDPR has the right to confirm that their data is being processed; Access to their personal data; and Other supplementary information – this largely corresponds to the information that should be provided in a privacy notice (see GDPR Article 15).

How is MoEngage compliant with this right?

MoEngage has established mechanisms that help customers, as data controllers, access specific information about data subjects. MoEngage customers can download data for particular users based on any user identifier. MoEngage dashboard users with Admin and Manager access can download user data directly from the dashboard.

Right to Rectification

What does this mean?

Data subjects, under GDPR, are entitled to have personal data rectified if it is inaccurate or incomplete. If you have disclosed the personal data used by third parties, you must inform users of the rectification where possible.

How is MoEngage compliant with this right?

MoEngage clients can update their user data for specific users on MoEngage by using one of our data import APIs. These are by default enabled for all clients and can be used whenever an end-user requests for their information to be updated. For information on MoEngage Data Import API and how to update user data in MoEngage, please refer to the docs here.

Right to Erasure

What does this mean?

To help our clients delete the personal data of their users from our database, we recommend the following solutions: –

How is MoEngage compliant with this right?

To help our clients delete the personal data of their users from our database, we recommend the following solutions: –

1. An Erase API that erases the personal data of specific users entirely from our database. For more details on the delete API, you can refer to this article. Please note that deleting the data does not automatically stop processing additional data that you send to MoEngage for a given user.

2. Alternatively, you can ask your end-users to uninstall the app from all their devices. Deleting a user from the MoEngage platform will permanently remove the user profile for that particular user. This includes all personal data as mentioned under GDPR guidelines.

Analytics within MoEngage is tied to an anonymous MoEngage User ID. Once the user profile is deleted, the MoEngage user-id effectively becomes a wholly anonymized identifier, as we cannot tie it back to any personally identifiable information.

Right to Restriction of Processing

What does this mean?

Data Subjects have the right to ‘block’ or suppress processing of specific subsets of their personal data in the event of inaccurate or improperly obtained data. When processing is restricted, you are permitted to store the personal data, but not further process it. You can retain just enough information about the individual user to ensure that the restriction is respected in the future.

How is MoEngage compliant with this right?

MoEngage SDKs are shipped with the functionality to suppress tracking of personal data for a particular user. As of now, we cannot suppress the tracking of specific categories of data, but we will stop tracking all the data entirely. For more information on disabling data tracking from the MoEngage SDK, you can refer to this implementation doc

Right to Data Portability

What does this mean?

The right to data portability allows individuals to obtain and reuse their personal data for their purposes across different services.

How is MoEngage compliant with this right?

Similar to Right to Access, MoEngage customers can easily download the data of specific users based on any user identifier. MoEngage dashboard users with Admin and Manager access can download user data directly from the dashboard. For more information on this, you can refer to our help article

Built to Handle Massive Scale

1 Trillion+
Data points processed per month
80 Billion+
Messages sent per month
1 Billion+
Emails sent per month
900 Million+
MAUs engaged per month

Drive Customer Engagement with MoEngage

  • Explore how MoEngage can help you with your growth journey.
  • Connect with our product experts for a personalized walk-through of our platform.