Data Management & Compliance

Open Letter Connect (OLC), safeguarding your data and maintaining compliance with privacy regulations is a core part of how we operate. Whether you're uploading mailing lists, managing campaigns, or integrating with your CRM, you can trust that your data is secure, validated, and handled responsibly.

Data Retention & Ownership

Your data is your property. Any contact lists or mailing data you upload remain yours. OLC does not sell, share, or use your data for marketing.
How long we keep your data:
- Contact lists and campaign data are retained as long as your account is active.
- If your account becomes inactive for over one year, data may be deleted for security and storage optimization.
- We recommend backing up your data regularly outside of OLC.

Address Validation & List Cleaning

Automatic Address Validation: OLC uses Accutrace, a USPS-certified address verification service, to:
- Standardize address formatting (e.g., abbreviations, casing)
- Confirm deliverability to reduce undeliverable mail
- Ensure compliance with USPS regulations, including CASS and NCOA standards.

🔍 Pro Tip: Upload clean lists for better deliverability. Invalid or incomplete addresses may be flagged during import.

Data Security

Encryption: All data is protected:
- In transit: via HTTPS encryption during uploads, imports, and API calls.
- At rest: stored securely within our infrastructure.
Access Controls: Your data is accessible only to authorized personnel involved in campaign fulfillment and technical support.
Sunsetting Policy: Inactive accounts and unused data are reviewed annually for removal to maintain security and compliance.

Compliance Framework

GDPR & CCPA Alignment: OLC aligns with key privacy regulations:
- Right to Access: Users may request a copy of their account data.
- Right to Deletion: Users may request full deletion of their account and associated data by contacting [email protected].
- OLC does not sell personal data and only processes data for the intended purpose of fulfilling mailing services.
Data Controller vs. Processor:
- You (the OLC client) act as the Data Controller: You determine what data to upload and who receives mail.
- OLC operates as the Data Processor: We handle the processing (printing, mailing, address validation) on your behalf.

Obtain Consent: As the Data Controller, it’s your responsibility to ensure you have the right to contact individuals on your mailing list.
Include Opt-Out Instructions (Recommended): While opt-outs are not legally required for direct mail in many jurisdictions, we recommend including opt-out methods, such as:
- A phone number
- An email address
- A website link (QR codes are great here!)

🧠 Why Include Opt-Outs? It builds trust and transparency, reduces complaints, and aligns your business with best practices.

Fulfillment Partners & Subprocessors

Mailing Fulfillment: OLC fulfills all mail through USPS, with address validation powered by Accutrace.
No External Data Processors: Apart from mailing and address verification, OLC does not engage third-party processors for your contact data.

Summary: Your Role, Our Role

Aspect

Your Responsibility (Controller)

Our Responsibility (Processor)

Uploading Contacts

Ensure lawful consent

Securely store and validate addresses

Data Privacy Compliance

Comply with GDPR/CCPA for your lists

Align services with GDPR/CCPA standards

Fulfillment

Design campaigns, choose recipients

Print, validate, and mail to verified addresses

For more details, review our:

PreviousLocal Service Providers: Building Loyalty and Encouraging Repeat Business NextHow to Reach Support

Last updated 1 year ago

hashtagData Retention & Ownership

hashtagAddress Validation & List Cleaning

hashtagData Security

hashtagCompliance Framework

hashtagConsent & Opt-Out Best Practices

hashtagFulfillment Partners & Subprocessors

hashtagSummary: Your Role, Our Role