GDPR and email messaging

EU's General Data Protection Regulation (GDPR) will be applied next week. What effect does the regulation have on e-mail? And how has GDPR affected Deltagon's software development? Among other things, these topics were discussed yesterday at our event in Helsinki, Finland.

The General Data Protection Regulation will become directly applicable on 25 May 2018, 2 years after its adoption and entry into force. While everyone's attention has been on Privacy Policies, Agreements for Data Processing and the possibility for administrative fines, surprisingly little has been said about the impact GDPR has on e-mail messaging.

As a result, we organized a breakfast event on May 15 about the impact of GDPR on e-mail. We also went through how Deltagon's solutions support the requirements of GDPR.

How does the regulation affect e-mail messaging

E-mail is one of the most common means of communication in companies. The regulation does not state that the sending of personal data by e-mail would be prohibited. However, this does not mean that using e-mail is completely unproblematic.

The regulation requires the data controller to conduct an analysis of the security of personal data processing. The regulation is created to protect the registered persons. The controller must assess the security of the e-mail solution used in relation to the sensitivity of the personal data being transmitted. Thus, the data controller has an obligation to assess the risk formed to the data subject.


In addition to e-mail messaging, Terho Nevasalo, Partner at HPP Attorneys Ltd., spoke in our event about the different roles in IT service agreement networks, the data subject's right to get information and the data controller's obligation to inform data subject.

Deltagon's solutions and GDPR

Tuukka Meriläinen, Product Manager at Deltagon, revealed in his speech how GDPR looks from the point of view of software development. In addition, Tuukka presented how the roles of the data controller and the data processor realizes in Deltagon's solutions and how the information is distributed in our encryption products.

The presentation also brought up what is the identified personal information in our solutions and how users can easily be informed about the collection and retention of personal data. Discussion was also conducted on the automatic removal and anonymization of data.


If you could not attend or wish for more information, please contact us! Call +358 9 6850 320 or email You can also fill the contact form below and we will contact you.

Contact us

Do you have any questions? Do you want more information? Please leave your contact information and we’ll get back to you.