Over the past few months, SmarterTools has undergone a number of changes. While many of these relate to product releases, we also continually review and refine our policies and procedures as both our business and the broader business landscape evolve.
In recent years, two major privacy regulations have come into effect: the California Consumer Privacy Act (CCPA) and the European Union’s General Data Protection Regulation (GDPR). As we continue expanding globally, it’s important that we understand and navigate how these and other emerging regulations govern consumer data across different regions, including within the United States.
The CCPA is essentially California’s GDPR. While the two share similarities, the CCPA has a more defined scope. It applies specifically to companies that derive at least 50% of their revenue from buying, selling, or sharing personal data of California residents. SmarterTools does not fall into this category .
In contrast, the GDPR takes a broader and more comprehensive approach. As a business, we operate as both a data “processor” for the information we handle for our own customers and, through our software, a “controller” of certain customer data. In turn, our customers may also act as processors depending on how they use that data. To ensure compliance with GDPR requirements, we’ve worked closely with EU-based legal counsel to update our Privacy Policy, and we review it regularly to stay aligned with any regulatory changes. We are also a long-standing participant in the Data Privacy Framework.
That said, this wave of data protection “acts” and “regulations” is likely just the beginning. The GDPR has effectively become a global benchmark, and it’s clear that more countries will adopt similar frameworks—much like U.S. states are already following California’s lead in establishing their own data privacy standards.
At SmarterTools, we’ve never focused on where things are today, but rather where they’re headed (to paraphrase Wayne Gretzky). With that mindset, we fully expect continued evolution toward stronger consumer data protection. As a result, we are reevaluating how we deliver support to our customers.
Most customers who have submitted a support ticket are familiar with the term “RSAA,” or Remote Services Access Agreement. This is what we request when our administrators need to access a customer’s installation or server to troubleshoot issues, assist with upgrades, or perform related tasks. While this access is often helpful, it also introduces potential exposure to sensitive data such as email content, addresses, IP information, and more.
At the same time, we’ve seen a shift not only in data protection regulations but also in customer expectations of technical support. These changes require us to rethink how we operate and to develop an approach that allows us to continue helping customers while minimizing exposure to the data they manage.
Some of you may have already noticed that we’re requesting RSAAs less frequently. That’s intentional—and it’s the first step as we gradually reduce direct access to customer systems. The next phase will be to move towards attended “read-only” screen sharing sessions that are controlled by the customer.
This shift creates an opportunity for SmarterTools to better educate our customers. Rather than relying on direct intervention, we can guide customers through troubleshooting, explain where to find and interpret logs, explain key configuration changes during migrations,clarify what specific log entries mean, and guide installations and upgrades. This hands-on approach empowers customers to confidently manage and administer their own environments.
It’s important to emphasize that this is not an immediate change. It will take time for both our team and our customers to adapt. Throughout 2026, we are committed to reducing risk—for both our customers and SmarterTools—while ensuring these changes ultimately provide long-term value for everyone involved.