Are You GDPR Ready? - Greenlight Digital

whose tagline is “what can your data do for you?”, and focuses on how data can empower consumers (not brands). In the end, something positive can definitely.
7MB Sizes 0 Downloads 86 Views
DECEMBER 2017 Predictions Magazine



2018: The year of the GDPR

Data controller: A controller determines the purposes and means of processing personal data. However, if you’re a controller, you’re not relieved of your obligations

The General Data Protection Regulation (GDPR), is

where a processor is involved – the GDPR places further

probably one of the most important legal changes

obligations on you to ensure your contracts with

that’ll hit the digital landscape in 2018; and even

processors comply with the GDPR 2.

though most customers might not be fully aware of it,

Once you’ve identified where your business sits

digital marketers are taking full notice.

within the dyad, you need to perform a full gap

The directive will become effective in May 2018,

analysis to understand exactly what type of data

however, it’s raising concerns across the industry,

you‘ve been collecting, in what formats (anonymised,

as there’s still some gaps in information on how to

pseudonymised) and what categories of data you’ve

approach the required changes from a practical and

been collecting (such as sensitive data related to

technical point of view. What we do know is that

religion, race, or politics). All these data points need

it’ll affect all marketers and consumers, giving the

to be mapped in order to understand where it’s being

latter more power and control than ever before. So,

sent and where it’s being received. Moreover, this

how can marketers take steps in the right direction

process needs to be documented and stored properly

to comply with the regulations and ensure that

in your records.

consumers’ data and privacy is being protected effectively? Well, the first step is understanding that

A broader definition of privacy

while data is valuable to marketers, it’s still private information, and we need to be far more careful with how it’s processed following the array of hacks

One of the key changes brought in by the GDPR

that’ve taken place in recent years.

relates to the current definition of privacy. The new

Know your place in the ecosystem - and mind the gap

directive will extend privacy policies to IP address, cookie IDs, device IDs, genetic data, and biometric data; a major game changer which will make the process of stitching data together much harder.

On a basic level, the GDPR concerns the usage and

However, marketers still have an ace up their sleeve

collection of personal data. In the digital ecosystem,

– consent. As long as marketers have consumers’

different entities work with data in different ways.

consent, they’ll be able to operate as usual – at least

Depending on where you sit in this ecosystem, the

to some extent. However, the directive puts in place

first thing to understand is that the GDPR focuses

robust requirements for gaining consent; small

on two major entities: data processors and data

print won’t be permitted, nor will hidden terms and

controllers – and your first job is to determine where

conditions (T&Cs) at the point of requesting consent.

you fall according to their definitions. Understanding

Everything will need to be presented upfront to

whether you’re a processor or a controller is

consumers, giving them full transparency of how

extremely imp