GDPR: What Is Sumo Doing?

Sumo is working hard to become GDPR compliant. Below is a list of items that we have been tackling, and will have finished by the May 25th deadline.

What We’re Working On First

1. Deletion – Deletion will help us ensure that if you request to delete a subscriber’s information that it is removed completely and totally.

2. Double Opt-in – This will send your subscribers an email ensuring they consent to be added to your list.

3. Checkbox – We will be adding a checkbox to our forms along with text reading "I agree to [site name] adding me to their mailing list. See Consent Agreement for details." This is optional, but we are still trying to release it by the deadline. 

Screenshot showing Sumo new popup page

4. Profile – GDPR requires us to provide:

  • What information we have stored for your subscribers

  • Where we obtained that information

  • How we profile the user based on that information

  • For how long do we intend to keep that information

What You Need To Do

  1. For now the key change you’ll need to make in Sumo to ensure you are GDPR compliant is to update your forms with the GDPR Opt-In field "I agree to [site name] adding me to their mailing list. See Consent Agreement for details."

  2. If you have double optin enabled on Sumo we would encourage you to check your email service provider to ensure you don’t have double optin activated with it as well. Otherwise there is a chance your new subscribers could be receiving two opt-in emails.