Thursday 24th May 2018

GDPR shutdown: Unroll.me is the latest organization to stop serving EU customers

GDPR comes into force on the 25th May and a number of organizations have closed the door to EU consumers.
Jason Smith
by on 7th May 2018 | Leave a comment
EU Flag

Unroll.me, a service that helps users track and unsubscribe from email lists, is the latest service to announce it will stop serving EU customers ahead of GDPR coming into force on 25th May.

It’s just one of many organizations withdrawing from serving EU customers owed to anxiety over the possibility of incurring fines of upwards of 4 million EUR for failing to comply with GDPR.

Some of the other organizations that have recently announced they’ll no longer service EU customers include:

  • Ragnarok Online (an online game);
  • Verve (a mobile marketing platform);
  • Brent Ozar (database services);
  • SMNC online (an online game);
  • Tunngle services (a gaming network);
  • Steel Root (cybersecurity); and
  • Drawbridge (analytics platform)

Of course, this is just a sample of websites. There may be more that haven’t disclosed a status publicly.

Unroll.me has faced a lot of criticism in recent years over how it processes and shares the data it holds on its users.

The service provided by unroll.me allows users to quickly and easily unsubscribe from email marketing lists, however it was also discovered that the data unroll.me gained access to was being shared with organizations including Uber.

In response to a question it created ten days ago on its FAQ pages about what will happen to the accounts of EU users, it states, “Since our services are not designed for use by EU residents, your account will be deleted”.

Meanwhile, in an interview with AdExchanger about GDPR compliance, Verve Chief Marketing Officer Julie Bernard stated, “We have decided that the regulatory environment is not favorable to our particular business model…we are focusing efforts on the strength of our US business as this time”.

GDPR comprises 99 articles and has set stringent requirements on how organizations should handle personally identifiable information (PII) they hold on EU consumers.

The requirements impose new standards around consent, data portability and the amount of time organizations are permitted to hold data on users.

Owed to concerns about the possibility of incurring large fines, several services have recently been created that allow webmasters to block traffic originating from the EU.