Does a OneSignal paid plan ($99/month) automatically opt out a customer of data collection in the app – data sharing with third parties?
Yes, OneSignal’s paid plans do not share any data with 3rd parties.
If we use a free plan from OneSignal does that mean that an EU company would not be compliant with GDPR?
Generally there are 2 options in working with OneSignal:
- Stay on the free plan and ask users to opt-in to share their data with services you use (including OneSignal).
- Upgrade your OneSignal Plan
The first option keeps OneSignal free, but puts the burden on you to make sure users opt-in. The second option shifts the onus to OneSignal. For additional guidance on any specific GDPR responsibilities, we recommend working with your legal counsel.
OneSignal’s paid plans do provide a DPA and model clauses which help provide the necessary legal framework for the data processing on your behalf and for EU-US data transfer. They work with many enterprise businesses in the EU/UK and this has not been an issue as long as the DPA is in place.