Additional Features

Xtremepush offers advanced features and solutions to enhance our web and mobile product offerings.

What is GDPR?

GDPR is a new legislation which will be introduced unilaterally across all EU Member States in May 2018. GDPR specifies the roles, processes, and technology enterprise brands must have in place to ensure their data belonging to EU citizens is secure, accessible and is used with consent.

How Xtremepush can help achieve GDPR compliance

Xtremepush is a powerful platform which in itself addresses key GDPR compliance requirements.

Data Protection

Our architecture, controls and real-time auditing capabilities ensure that we are perfectly positioned to manage your GDPR data protection, consent and right to be forgotten requirements, via a powerful, secure and resilient platform.

Customer Consent Management

Enables real-time exclusion of Customer data across multiple channels, and an ability to manage Customer Consent not just at an individual level but also at a segment or group level if required.

Data Management – Self Service Portal

Allow your users to control their data – allow access to a self-designed, branded page where customers can edit and access their data permissions, message history, data analysis and request to be deleted.

Data Management – Request Management

Easy, quick and clear management page where enterprises can easily deal with management request from their users. Power to add notes to their profile or delete all their data, as per request.

Right to be Forgotten

The right to be forgotten is easily enabled through the Customer Consent Management Module.

Enterprise Grade Security

Independently assessed by financial institutions globally for risk and compliance.

Real-Time Auditing Capability

The platform has an inbuilt Real-Time Auditing Capability to report on Consent and PII data protection components.

Agile platform

Our Agile Platform (cloud or on-premise) has been built with data protection and privacy rights at its core by design.

Key Principles of GDPR

1. Personal Information Data and Security

  • GDPR broadens the definition of PII data to include any information relating to an identified natural person
  • Online identifiers such as IP addresses and location data are now deemed to be Personally Identifiable Data
  • Personal data must be protected in a manner that ensures appropriate security of the data, protecting against unlawful processing, accidental loss or damage with appropriate technical and operational measures in place

2. Privacy By Design

  • Data privacy is engineered across the life cycle of a product/service development
  • The most strict privacy controls possible apply once a Customer acquires a new product/service with no manual privacy setting changes required
  • Standards and controls include the encryption and pseudonymization of PII Data

3. Obligations of Data Controllers/Data Processors

  • If you are a Data Processor and use data from a Data Controller for a purpose other than that intended by the Data Controller, you then become a Data Controller under the legislation

4. Customer Consent

  • A Customer must provide a statement or a ‘clear affirmative action’, which may include ticking a box on a website. However, pre-ticking of boxes or similar inactivity is deemed to be an unacceptable form of consent
  • In addition, explicit consent is required for processing of special categories of PII data (e.g. ethnic origin, political opinions, trade union membership, religious data, biometric data)

5. Right to Be Forgotten

  • A Customer can withdraw consent at any time, which should be as easy as the ability to give consent
  • At the request of the Customer, all Personally Identifiable Data must be destroyed and removed from data storage platforms

6. Reporting, breach notification, and fines

  • Where a breach of security leads to the release of identifiable PII data being disclosed, destroyed, lost, altered or stolen, the competent supervisory authority must be notified no later than 72 hours after the data controller has become aware of it
  • If a data processor experiences a data breach, it must notify the data controller
  • If a company is found to be in breach of the GDPR, it is liable for a fine of 4% of global annual turnover of €20m, whichever is the greater amount

7. Potential requirement for a Data Protection Officer (DPO)

  • There are specific cases where it will be mandatory to appoint a Data Protection Officer (DPO)
  • The appointment of a DPO is a pragmatic approach that ensures ongoing compliance monitoring, avoids the risk of breach and demonstrates best in class data management approach

Proximity Marketing

Drive app engagement with our proximity marketing solution to deliver contextual location-based app notifications to your users. With unlimited iBeacon & Geofencing capabilities, Xtremepush enables enterprises to instantly engage consumers on their app when in key locations, resulting in increased footfall and truly personalised brand experiences.

Deliver targeted messaging

Engage your users through each vital stage of the user journey with intelligent, personalised content to drive key user actions and prompt goal completions.

Deep Analytics

Understand your user’s offline behaviour with in-depth analytics of geofence and iBeacon behaviour. Track entries, exits and dwell time for thousands of locations.

Laser-like targeting

Target users with relevant app messages based on previous location behaviour. Or engage them at the right time, in the right place with the right app message triggered based on location entry, exit or dwell time.

Infinitely Scalable

None of the OS limitations that limit you to twenty locations. We handle scaling so you don’t have to worry about it. No need to know all your locations on day one just keep adding locations on the platform as you need them.


1. What is Location Technology

Innovative mobile technology, such as iBeacons and Geo-Fences, that identifies a user’s proximity to a location which enables enterprise brands to engage their users with the right message at the right time in the right location.

2. What is Geofencing?

Geofencing is a marketing technology that identifies when users enter the enterprise brands targeted locations and enable brands to send targeted messages via their app to the users in a specific geographic area.

3. How does Geofencing work?

Geofencing works with a combination of GPS, cellular data, and also Wi-Fi data. It is a virtual perimeter that you can pinpoint a location on a map and then target customers via the app that enter, dwell in or exit that location.

4. What are Beacons?

Beacons are a piece of hardware that can be placed in particular locations. Beacons use Bluetooth to estimate your proximity to the device, and when close to the device a signal is triggered.

5. How do Beacons work?

When you are with proximity to a Beacon, it triggers a notification. The app on a customer’s smartphone then receives this signal and transmits the data back to the mobile marketing provider. The provider can then send a personalised push notification or in-app message to the customer.

White Label Solutions

All of the Xtremepush features without the cost of development, maintenance and updates? Find out more about what Xtremepush White Label Solutions and Agency Agreements are available.

Quick and Easy

Pain free update with your logo and colours

Infinitely Scalable

None of the OS limitations that limit you to twenty locations. We handle scaling so you don’t have to worry about it. No need to know all your locations on day one just keep adding locations on the platform as you need them.

Deep Analytics

Understand your users offline behaviour with in-depth analytics of geo-fence and iBeacon behaviour. Track entries, exits and dwell time for thousands of locations.

Laser Like Targeting

Target users with relevant messages based on previous location behaviour. Or communicate with them at the right time in the right place with messages triggered based on location entry, exit or dwell time.