1. Understanding the regulations around data storage

The European Union (EU) General Data Protection Regulation (GDPR) sets out detailed compliance requirements for companies and organizations on collecting, storing, and managing personal data. These regulations apply both to European organizations that process the personal data of individuals in the EU, and to organizations outside the EU that target EU residents. These storage regulations also apply to email data and so we need to ensure that you are able to manage your data in accordance with regulations.

1.1 Ensuring compliance with data storage regulations

You can ensure that the mail configuration for your application complies with GDPR. While building your application, you are able to use the demonstration (demo) setting that is configured to the Betty Blocks domain*. In this way, test emails sent while building your application comply with EU storage regulations.

* The Betty Blocks domain communicates via Flowmailer - a 3rd party provider that is GDPR-compliant and ISO 27001 certified.

Once you are ready to move your application to production for making it available to end users, you need to reconfigure the mail settings to either SMTP (where available within your organization) or to a 3rd party provider such as Mandrill or Flowmailer. Contact either your local IT department or your 3rd party provider for configuration details.

1.2 What is changed?

Demo settings are applied as the default for applications created after 26/10/2021. You can update existing applications to ensure compliance with EU data regulations. Where SMTP is already configured for your applications, these settings are maintained in the Mail configuration form.

Recommendation: Please check or change settings as appropriate for your application/organization in the Mail form tab. How you work with this form is described in the following.

2. Applying mail settings

You can apply or update the mail configuration in the Mail form in your application settings. To navigate to the Mail form, navigate from the betty blocks platform to My Betty Blocks as follows:

Open My Betty Blocks and click on the application options ... button. Select Settings from the pull-down menu displayed. The application settings are opened. Press the Mail tab.

Complete the configuration settings required by clicking on the corresponding radio button. You can select either:

Demo settings - the default applied for new applications and is recommended when building applications. Under the default settings, emails are sent via Flowmailer, an EU-domiciled GDPR-compliant email delivery platform. While active during the development stage of an application, the sender (From) address is configured to the betty.app email domain, for example, username@betty.app.

Custom SMTP configuration - the recommended configuration for all applications in the live/production environment. Using this setting, you can apply the configuration settings required for routing emails through a company email domain. Settings are automatically applied for existing applications that are already configured for SMTP.

Note: Existing applications built before 26/10/2021 can be updated for compliance. Where SMTP is already configured, settings are automatically updated.

You can specify the authentication mechanism that you want to be applied based on your mail configuration based on the details provided by your IT department. Select the Save changes button to save the changes.

Tip: Contact your IT department for obtaining the required SMTP configuration details for your application.

2.1 Applying additional security

Please, check if you need to apply additional security such as Sender Policy Framework (SPF) or Domain Keys Identification Mail (DKIM) around your mail configurations. Contact your 3rd party provider or in-house IT networking team for details.

Note: The SMTP settings override platform-send error mails. All error emails will be sent from the SMTP server once the mail configuration has been completed.