As you may already be aware, Kartra does support the option to manage your GDPR compliance. To that end we would like to clarify that when you use Zapier to send lead data back to Kartra, the information is transmitted via an API call, like a sky-walk between two separate corporate buildings. Because these two systems have separate databases, security protocols, and connect only via API, we are unable to pass the GDPR authorization between them.
The only way to ensure a lead is cleared for GDPR in Kartra is to collect the information through one of our opt-in or checkout forms on a Kartra page. GDPR clearance will be verified at the time of opt-in, and the lead will be clear to email.
Be mindful this also includes non-European residences as anyone without a verified IP through our content (opt-in or checkout form) will be marked as “unknown” and will be affected by GDPR restrictions. Regardless of what address they may have provided, we have to assume they are in Europe with GDPR options enabled until they actually go through a Kartra based opt-in form or product checkout to prove an alternative residence. So as an example, a USA resident can have their lead taken from an external system and put into a Kartra account via Zapier. But then that lead will be blocked by GDPR despite being from the USA until that lead fills out an opt-in or product checkout form in Kartra (Assuming GDPR is enabled on the Kartra account).