In just a few months, the European Union will put a new privacy law into effect. Designed to let individuals decide what happens to their personal data, the General Data Protection Regulation (GDPR) requires companies to conform to data collection and security best practices.
At its heart, GDPR represents a unique opportunity for brands to strengthen customer relationships by making privacy and trust a key part of the user experience.
GDPR is a significant piece of legislation, and unraveling exactly what it means for your business can be tricky. Here’s what you need to know about these new rules — and what we at CleverTap are doing to prepare.
One of the largest legislations on data privacy, the European Union’s GDPR is set to take effect on May 25, 2018. The GDPR enforcement puts the control of personal data in the hands of the individuals it belongs to, protecting the rights of EU residents.
The regulation delineates individuals’ rights to access, rectify, and restrict the processing of personal data, among other key provisions, and aims to unify privacy and security laws for all organizations operating within the EU.
If your business provides a product or service to EU residents, and determines how and why to collect, track, and monitor their data, you’re considered a data controller. As a CleverTap customer, you likely perform one of the above activities and will need to comply with the GDPR.
Businesses that process data on behalf of controllers are considered data processors. As an Intelligent Mobile Marketing Platform, CleverTap services its customers as both a data processor and a data controller.
CleverTap believes that preparing for the GDPR provides an enormous opportunity for us to deliver even better customer experiences on our platform. We will be GDPR compliant by May 25, and are taking steps to make it easy for you to comply with the regulation as well.
CleverTap operates at an unprecedented scale, processing billions of data points every month — including personal data for EU residents. The GDPR requires businesses that collect, store, or transfer personal data to protect it from unauthorized or unlawful processing, damage, or accidental loss.
In preparing for the GDPR, CleverTap is able to rely on its strong foundation of privacy controls that proactively incorporate many of these requirements. At the same time, we are working to formally document and continually evaluate the additional steps that we and our customers need to take to comply with GDPR.
At CleverTap, the security and confidentiality of our customer data is critical. As a data processor, CleverTap already takes considerable effort to make sure that our product offering complies with the requirements laid out by the GDPR.
We implement best practices to ensure that we offer complete transparency in data collection, synthesis, and transfer of data to and from our customers. In light of these new requirements, our legal and privacy team is working to more formally document the privacy practices we have in place.
In order to comply, controllers should ensure that they only work with processors that implement the necessary technical and organizational best practices to meet the requirements of the GDPR.
This is just the beginning! CleverTap will continue to evolve its security and compliance suite to ensure our customers meet legal requirements as they use our mobile marketing solutions. We take our data privacy and security responsibility very seriously and will align the changes in our data processing framework with the privacy needs of our customers.
In addition, our data governance and legal team are well-placed to answer any questions you might have. We encourage our customers to engage in this conversation so we address GDPR compliance together.
If you have any questions, please reach out to us at firstname.lastname@example.org.