SlideShare uma empresa Scribd logo

The GDPR - A data revolution

Transferir como PPTX, PDF
D
Dan Brookman

Here's a short presentation on the GDPR, first presented at the Morning Advertiser MA500 event in Edinburgh on 14th September. This is an overview regulations.

Marketing
1 de 22
The GDPR: a data revolution? Presented by Dan Brookman Twitter: @danbrookman // @AirshipTeam
Who we are Airship is a digital customer experience specialist. At our heart is the Airship CRM, a powerful data acquisition, segmentation and broadcast platform that drives revenue through intelligent customer journeys. Revolution Tasty PLC Brewhouse and Kitchen Stonegate Living Ventures Hickory’s Cote Restaurants Yummy Apartment Group Rosa’s Thai Mission Mars Hydes JW Lees West Cornwall Pasty Co Bargain Booze Some Clients
Introduction General Data Protection Regulation (GDPR) Comes into force on 25th May 2018 GDPR is new legislation which introduces a wide range of reforms with significant effect on data collection, processing and storage activities. It provides individuals with a suite of new rights in relation their data. No brexit impact, the laws have already been adopted. There maybe implications in the future but the ICO (Information Commissioner's Office) have been pushing for tougher laws for years (so probably not).
It needn’t be a burden... It should be seen as an opportunity; - Build customer trust - Higher engagement - Enhance your reputation You are going to see a decline in the amount of new data acquired; however, this is a good thing. The issue of poor quality data and over-acquisition has blighted businesses for years. Opt-ins have been too soft or non-existent, company boards have focussed on the big number, customers have been seen as data records… rather than customers. The GDPR is an opportunity.
More Trust A 2016 study by the Chartered Institute of Marketing revealed: - 57% of respondents say they do not trust an organisation to use their data responsibly. - 70% of consumers still fail to see the benefit of sharing their personal data at all. - However, two-thirds (67%) of customers actually say they would share more personal information if organisations were more open about how they will use it. Conclusion The GDPR will help build trust with consumers: be on your front foot, clarity for your customers will yield results!
Don’t... MoneySupermarket, Flybe & Honda - All have been recently prosecuted for sending emails to customers who they had not had permission to market to or had previously unsubscribed. Don’t use GDPR as an excuse to pull a fast one on your customers: if they are currently opted out, they remain opted out.
Do...(maybe)
Don’t Panic While the regulations come into force on 25th May 2018, it's more than likely going to take a while for them to bed in. A number of provisions are ambiguous and guidance is being drafted by the ICO. No doubt there’ll be a number of test cases before legislation is amended. We’ve all heard the scaremongering around the hefty fines and they are certainly true… the higher of up to £17m or 4% of global turnover plus court litigation… however… The ICO closed 17,300 cases last year and only 16 resulted in fines for the organisations concerned. The ICO’s commitment is to guiding, advising and educating organisations about how to comply with the law. This will not change under the GDPR. "We have always preferred the carrot to the stick." I’m not recommending that you ignore GDPR; I’m recommending that you get your businesses up to speed on GDPR, do your audits, follow the guidelines set out by the ICO, do not panic, and hit the ground running come May 2018.
Understanding your data sources Digital Inhouse: Paper sign-ups Comment Cards Business Card Drops Sales Enquiries All businesses have many data sources, as part of your audits you’ll need to ensure that you understand each of those sources and ensure that they are compliant with the GDPR. In the same way, you’ll need to ensure that any inhouse activity is collected under the regulations. The digital sources above are transactional tables within the Airship CRM where we store each instance of customer engagement.
WiFi Session: Week View Data automatically categorised by day, session and manually by event. Where you segment customers or profile them based on their activity, you’ll need to let them know how the information is used. This dashboard shows how we take WiFi data and segment customers based on what’s on in the venue at the time they are in their WiFi session.
Let’s look at some consumer rights...
To be informed Consent must be “freely given, specific, informed and unambiguous” and in the case of automated decisions, consider whether “explicit” consent is required. 1. All consent opt ins should require a recordable manual action completed by a customer. 1. All consent should be granular. For example, where a customer is giving consent for email marketing they should be asked separately if they give consent to be sent text messages or receive sales calls. 1. All consent should be simply and clearly explained directly in the touchpoint they are using. The explanation should be written in a way that is fair to expect customers to understand, and positioned so that the customer can see the explanation in line with the request for consent. Reliance on linked privacy policies or legalese is no longer appropriate.
Legitimate Interests Consent is not always practical or necessary so consider the “legitimate interests” condition as well as other lawful processing conditions. Many businesses process data on the basis of their legitimate interests of sending marketing material. You will still need to collect the opt-out either at the point of collection or soon after. This may become a condition which is tested more thoroughly as a consequence of the GDPR changes affecting consent. Don’t use legitimate Interests as a catch-all for your activity.
1. UI Examples: Bargain Booze
The right of access Under the GDPR, individuals have the right to obtain: - Confirmation that their data is being processed - Access to their personal data - Other supplementary information - this largely corresponds to the information that should be provided in your privacy notice. - You can no longer charge a fee for the customer to access their data.
2. The right of access Purple WiFi have already implemented their first draft of a ‘right of access’ this example for Airship client Revolution Bars shows the stored personal information and the bars visited. It's their consideration that they meet the legitimate interest condition.
Other rights… - of rectification; (the customer has a right to update incorrect information) - of erasure (to be “forgotten”); (the customer has the right to have their data deleted) - to restrict processing; (where you are doing additional segmentation or profiling, the customer has the right to opt-out) - of data portability; (the customer has the right to request an export of their data. A scenario for this might be a customer taking data from their insurance company and supplying it to a competitor for a quote) - to object; and (if a customer objects, you must stop all activity immediately). - certain rights related to automated decision making and profiling (this final point is quite interesting; a scenario might be that you’ve applied for a loan and been refused, you can request the decision making process is shared with you)
Other key points to consider 1. Accountability and governance - The new accountability principle 5(2) requires you demonstrate that you comply with the principles and states explicitly that this is your responsibility. 2. Breach Notification - whether you are the data processor or controller
Privacy by Design Although not a new concept privacy by design is a key part of implementing GDPR. The ICO describes it as ‘an approach to projects that promotes privacy and data protection compliance from the start’. Whereas this is currently just a recommendation, GDPR makes this a requirement. The best approach to ensure the implementation of privacy by design is through completing privacy impact assessments when planning or reviewing IT projects. Storage of Personal Data It is important where possible to minimise the storage of ‘personal data’ while also ensuring that we have the data you need to deliver your goals. To this end it is important that we use anonymisation and pseudonymisation so that data can be stored in a way which would only in some cases be considered personal data.
Conclusion So do you ‘just’ comply or do you become a lean, clean data-driven marketing machine? Saving time and money: maintaining and learning about your customers, and creating better relationships. I know what I would choose and what Airship will be recommending to their clients. The hospitality industry can take a lead on this: it’s time to clean-up. Thanks for your time.
The Lawyer bit… Disclaimer…. Thanks to our lawyers, Excello Law, for their help in drafting this presentation. The details provided in this presentation are for information purposes only and should not be relied on as legal advice for the purposes of your business. You are recommended to seek independent legal advice with regard to any of the above before acting upon the same. Both Airship and Excello Law exclude any liability as a consequence of any reliance on this presentation. . Contacts: Dan Brookman E: dan.brookman@airship.co.uk M:07966 796581 Peter Rawlinson: specialist commercial, IT and data protection contract lawyer: E: prawlinson@excellolaw.co.uk M: 07899906476 DD: 0114 2755517

Recomendados

Why care about GDPR and avoid over $20 million fines, even outside EU ?
Why care about GDPR and avoid over $20 million fines, even outside EU ?Why care about GDPR and avoid over $20 million fines, even outside EU ?
Why care about GDPR and avoid over $20 million fines, even outside EU ?FactoVia
 
Phil Carter of IDC: An analyst point of view
Phil Carter of IDC: An analyst point of viewPhil Carter of IDC: An analyst point of view
Phil Carter of IDC: An analyst point of viewVeritas Technologies LLC
 
IDC on 10 myths regarding GDPR
IDC on 10 myths regarding GDPRIDC on 10 myths regarding GDPR
IDC on 10 myths regarding GDPRVeritas Technologies LLC
 
eDiscovery platform EMEA user conference 2017
eDiscovery platform EMEA user conference 2017eDiscovery platform EMEA user conference 2017
eDiscovery platform EMEA user conference 2017Veritas Technologies LLC
 
Jason Tooley – Welcome to Vision Solution Day EMEA
Jason Tooley – Welcome to Vision Solution Day EMEAJason Tooley – Welcome to Vision Solution Day EMEA
Jason Tooley – Welcome to Vision Solution Day EMEAVeritas Technologies LLC
 
Peter Grimmond – Harnessing the power of data
Peter Grimmond – Harnessing the power of dataPeter Grimmond – Harnessing the power of data
Peter Grimmond – Harnessing the power of dataVeritas Technologies LLC
 
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...Veritas Technologies LLC
 
Smart City Lecture 2 - Privacy in the Smart City
Smart City Lecture 2 - Privacy in the Smart CitySmart City Lecture 2 - Privacy in the Smart City
Smart City Lecture 2 - Privacy in the Smart CityPeter Waher
 

Recomendados

Why care about GDPR and avoid over $20 million fines, even outside EU ?
Why care about GDPR and avoid over $20 million fines, even outside EU ?Why care about GDPR and avoid over $20 million fines, even outside EU ?
Why care about GDPR and avoid over $20 million fines, even outside EU ?FactoVia
 
Phil Carter of IDC: An analyst point of view
Phil Carter of IDC: An analyst point of viewPhil Carter of IDC: An analyst point of view
Phil Carter of IDC: An analyst point of viewVeritas Technologies LLC
 
IDC on 10 myths regarding GDPR
IDC on 10 myths regarding GDPRIDC on 10 myths regarding GDPR
IDC on 10 myths regarding GDPRVeritas Technologies LLC
 
eDiscovery platform EMEA user conference 2017
eDiscovery platform EMEA user conference 2017eDiscovery platform EMEA user conference 2017
eDiscovery platform EMEA user conference 2017Veritas Technologies LLC
 
Jason Tooley – Welcome to Vision Solution Day EMEA
Jason Tooley – Welcome to Vision Solution Day EMEAJason Tooley – Welcome to Vision Solution Day EMEA
Jason Tooley – Welcome to Vision Solution Day EMEAVeritas Technologies LLC
 
Peter Grimmond – Harnessing the power of data
Peter Grimmond – Harnessing the power of dataPeter Grimmond – Harnessing the power of data
Peter Grimmond – Harnessing the power of dataVeritas Technologies LLC
 
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...
Keynote session – Mitigate risks and stay compliant with Chris Bridgland and ...Veritas Technologies LLC
 
Smart City Lecture 2 - Privacy in the Smart City
Smart City Lecture 2 - Privacy in the Smart CitySmart City Lecture 2 - Privacy in the Smart City
Smart City Lecture 2 - Privacy in the Smart CityPeter Waher
 
Safeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningSafeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningUlf Mattsson
 
ISC2 Privacy-Preserving Analytics and Secure Multiparty Computation
ISC2 Privacy-Preserving Analytics and Secure Multiparty ComputationISC2 Privacy-Preserving Analytics and Secure Multiparty Computation
ISC2 Privacy-Preserving Analytics and Secure Multiparty ComputationUlfMattsson7
 
David Noy – Realising the true potential of software-defined storage
David Noy – Realising the true potential of software-defined storageDavid Noy – Realising the true potential of software-defined storage
David Noy – Realising the true potential of software-defined storageVeritas Technologies LLC
 
Scot-Cloud 2015
Scot-Cloud 2015Scot-Cloud 2015
Scot-Cloud 2015Ray Bugg
 
Cross domain autonomous cooperation cross-domain autonomous cooperation
Cross domain autonomous cooperation cross-domain autonomous cooperationCross domain autonomous cooperation cross-domain autonomous cooperation
Cross domain autonomous cooperation cross-domain autonomous cooperationPeter Waher
 
Smart City Lecture 3 - An Open And/Or Secure Smart City
Smart City Lecture 3 - An Open And/Or Secure Smart CitySmart City Lecture 3 - An Open And/Or Secure Smart City
Smart City Lecture 3 - An Open And/Or Secure Smart CityPeter Waher
 
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Ulf Mattsson
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesTom Kirby
 
Solve Big Data Security Issues
Solve Big Data Security IssuesSolve Big Data Security Issues
Solve Big Data Security IssuesEditor IJCATR
 
GDPR: 20 Million Reasons to Get Ready - Part 2: Living Compliance
GDPR: 20 Million Reasons to Get Ready - Part 2: Living ComplianceGDPR: 20 Million Reasons to Get Ready - Part 2: Living Compliance
GDPR: 20 Million Reasons to Get Ready - Part 2: Living ComplianceCloudera, Inc.
 
Forcepoint Dynamic Data Protection
Forcepoint Dynamic Data ProtectionForcepoint Dynamic Data Protection
Forcepoint Dynamic Data ProtectionMarketingArrowECS_CZ
 
IEEE Standards Impact in IoT and 5G, Day 1, Session 1 - Introduction & Overview
IEEE Standards Impact in IoT and 5G, Day 1, Session 1 - Introduction & OverviewIEEE Standards Impact in IoT and 5G, Day 1, Session 1 - Introduction & Overview
IEEE Standards Impact in IoT and 5G, Day 1, Session 1 - Introduction & OverviewPeter Waher
 
Smart City Lecture 4 - Harmonizing the Internet of Things
Smart City Lecture 4 - Harmonizing the Internet of ThingsSmart City Lecture 4 - Harmonizing the Internet of Things
Smart City Lecture 4 - Harmonizing the Internet of ThingsPeter Waher
 
N-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysN-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysSolarwinds N-able
 
Cloud data security and GDPR compliance
Cloud data security and GDPR complianceCloud data security and GDPR compliance
Cloud data security and GDPR complianceSalim Benadel
 
Silicon Valley Code Camp Blockchain Oct 2017
Silicon Valley Code Camp Blockchain Oct 2017Silicon Valley Code Camp Blockchain Oct 2017
Silicon Valley Code Camp Blockchain Oct 2017Nelson Petracek
 
What is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS LondonWhat is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS LondonUlf Mattsson
 
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...Data Con LA
 
Big Data (security Issue)
Big Data (security Issue)Big Data (security Issue)
Big Data (security Issue)Export Promotion Bureau
 
VSD Zurich 2018: The Data Opportunity
VSD Zurich 2018: The Data OpportunityVSD Zurich 2018: The Data Opportunity
VSD Zurich 2018: The Data OpportunityVeritas Technologies LLC
 
General Data Protection Regulation & Customer IAM
General Data Protection Regulation & Customer IAMGeneral Data Protection Regulation & Customer IAM
General Data Protection Regulation & Customer IAMUbisecure
 
Are you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist WhitepaperAre you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist WhitepaperServersys
 

Mais conteúdo relacionado

Mais procurados

Safeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningSafeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningUlf Mattsson
 
ISC2 Privacy-Preserving Analytics and Secure Multiparty Computation
ISC2 Privacy-Preserving Analytics and Secure Multiparty ComputationISC2 Privacy-Preserving Analytics and Secure Multiparty Computation
ISC2 Privacy-Preserving Analytics and Secure Multiparty ComputationUlfMattsson7
 
David Noy – Realising the true potential of software-defined storage
David Noy – Realising the true potential of software-defined storageDavid Noy – Realising the true potential of software-defined storage
David Noy – Realising the true potential of software-defined storageVeritas Technologies LLC
 
Scot-Cloud 2015
Scot-Cloud 2015Scot-Cloud 2015
Scot-Cloud 2015Ray Bugg
 
Cross domain autonomous cooperation cross-domain autonomous cooperation
Cross domain autonomous cooperation cross-domain autonomous cooperationCross domain autonomous cooperation cross-domain autonomous cooperation
Cross domain autonomous cooperation cross-domain autonomous cooperationPeter Waher
 
Smart City Lecture 3 - An Open And/Or Secure Smart City
Smart City Lecture 3 - An Open And/Or Secure Smart CitySmart City Lecture 3 - An Open And/Or Secure Smart City
Smart City Lecture 3 - An Open And/Or Secure Smart CityPeter Waher
 
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Ulf Mattsson
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesTom Kirby
 
Solve Big Data Security Issues
Solve Big Data Security IssuesSolve Big Data Security Issues
Solve Big Data Security IssuesEditor IJCATR
 
GDPR: 20 Million Reasons to Get Ready - Part 2: Living Compliance
GDPR: 20 Million Reasons to Get Ready - Part 2: Living ComplianceGDPR: 20 Million Reasons to Get Ready - Part 2: Living Compliance
GDPR: 20 Million Reasons to Get Ready - Part 2: Living ComplianceCloudera, Inc.
 
Forcepoint Dynamic Data Protection
Forcepoint Dynamic Data ProtectionForcepoint Dynamic Data Protection
Forcepoint Dynamic Data ProtectionMarketingArrowECS_CZ
 
IEEE Standards Impact in IoT and 5G, Day 1, Session 1 - Introduction & Overview
IEEE Standards Impact in IoT and 5G, Day 1, Session 1 - Introduction & OverviewIEEE Standards Impact in IoT and 5G, Day 1, Session 1 - Introduction & Overview
IEEE Standards Impact in IoT and 5G, Day 1, Session 1 - Introduction & OverviewPeter Waher
 
Smart City Lecture 4 - Harmonizing the Internet of Things
Smart City Lecture 4 - Harmonizing the Internet of ThingsSmart City Lecture 4 - Harmonizing the Internet of Things
Smart City Lecture 4 - Harmonizing the Internet of ThingsPeter Waher
 
N-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysN-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysSolarwinds N-able
 
Cloud data security and GDPR compliance
Cloud data security and GDPR complianceCloud data security and GDPR compliance
Cloud data security and GDPR complianceSalim Benadel
 
Silicon Valley Code Camp Blockchain Oct 2017
Silicon Valley Code Camp Blockchain Oct 2017Silicon Valley Code Camp Blockchain Oct 2017
Silicon Valley Code Camp Blockchain Oct 2017Nelson Petracek
 
What is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS LondonWhat is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS LondonUlf Mattsson
 
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...Data Con LA
 

Mais procurados (20)

Safeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learningSafeguarding customer and financial data in analytics and machine learning
Safeguarding customer and financial data in analytics and machine learning
 
ISC2 Privacy-Preserving Analytics and Secure Multiparty Computation
ISC2 Privacy-Preserving Analytics and Secure Multiparty ComputationISC2 Privacy-Preserving Analytics and Secure Multiparty Computation
ISC2 Privacy-Preserving Analytics and Secure Multiparty Computation
 
David Noy – Realising the true potential of software-defined storage
David Noy – Realising the true potential of software-defined storageDavid Noy – Realising the true potential of software-defined storage
David Noy – Realising the true potential of software-defined storage
 
Scot-Cloud 2015
Scot-Cloud 2015Scot-Cloud 2015
Scot-Cloud 2015
 
Cross domain autonomous cooperation cross-domain autonomous cooperation
Cross domain autonomous cooperation cross-domain autonomous cooperationCross domain autonomous cooperation cross-domain autonomous cooperation
Cross domain autonomous cooperation cross-domain autonomous cooperation
 
Smart City Lecture 3 - An Open And/Or Secure Smart City
Smart City Lecture 3 - An Open And/Or Secure Smart CitySmart City Lecture 3 - An Open And/Or Secure Smart City
Smart City Lecture 3 - An Open And/Or Secure Smart City
 
Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...Jun 15 privacy in the cloud at financial institutions at the object managemen...
Jun 15 privacy in the cloud at financial institutions at the object managemen...
 
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challengesExpanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challenges
 
Solve Big Data Security Issues
Solve Big Data Security IssuesSolve Big Data Security Issues
Solve Big Data Security Issues
 
GDPR: 20 Million Reasons to Get Ready - Part 2: Living Compliance
GDPR: 20 Million Reasons to Get Ready - Part 2: Living ComplianceGDPR: 20 Million Reasons to Get Ready - Part 2: Living Compliance
GDPR: 20 Million Reasons to Get Ready - Part 2: Living Compliance
 
Forcepoint Dynamic Data Protection
Forcepoint Dynamic Data ProtectionForcepoint Dynamic Data Protection
Forcepoint Dynamic Data Protection
 
IEEE Standards Impact in IoT and 5G, Day 1, Session 1 - Introduction & Overview
IEEE Standards Impact in IoT and 5G, Day 1, Session 1 - Introduction & OverviewIEEE Standards Impact in IoT and 5G, Day 1, Session 1 - Introduction & Overview
IEEE Standards Impact in IoT and 5G, Day 1, Session 1 - Introduction & Overview
 
Smart City Lecture 4 - Harmonizing the Internet of Things
Smart City Lecture 4 - Harmonizing the Internet of ThingsSmart City Lecture 4 - Harmonizing the Internet of Things
Smart City Lecture 4 - Harmonizing the Internet of Things
 
N-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 daysN-able webinar:Build recurring revenue in 45 days
N-able webinar:Build recurring revenue in 45 days
 
Cloud data security and GDPR compliance
Cloud data security and GDPR complianceCloud data security and GDPR compliance
Cloud data security and GDPR compliance
 
Silicon Valley Code Camp Blockchain Oct 2017
Silicon Valley Code Camp Blockchain Oct 2017Silicon Valley Code Camp Blockchain Oct 2017
Silicon Valley Code Camp Blockchain Oct 2017
 
What is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS LondonWhat is tokenization in blockchain - BCS London
What is tokenization in blockchain - BCS London
 
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...
Big Data Day LA 2016/ NoSQL track - Privacy vs. Security in a Big Data World,...
 
Big Data (security Issue)
Big Data (security Issue)Big Data (security Issue)
Big Data (security Issue)
 
VSD Zurich 2018: The Data Opportunity
VSD Zurich 2018: The Data OpportunityVSD Zurich 2018: The Data Opportunity
VSD Zurich 2018: The Data Opportunity
 

Semelhante a The GDPR - A data revolution

General Data Protection Regulation & Customer IAM
General Data Protection Regulation & Customer IAMGeneral Data Protection Regulation & Customer IAM
General Data Protection Regulation & Customer IAMUbisecure
 
Are you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist WhitepaperAre you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist WhitepaperServersys
 
Digital Disruption and Consumer Trust - Resolving the Challenge of GDPR
Digital Disruption and Consumer Trust - Resolving the Challenge of GDPRDigital Disruption and Consumer Trust - Resolving the Challenge of GDPR
Digital Disruption and Consumer Trust - Resolving the Challenge of GDPRRichard Veryard
 
GDPR & the Travel Industry: Practical recommendations for holiday rental owners
GDPR & the Travel Industry: Practical recommendations for holiday rental ownersGDPR & the Travel Industry: Practical recommendations for holiday rental owners
GDPR & the Travel Industry: Practical recommendations for holiday rental ownersSpain-Holiday.com
 
GDPR Explained in Simple Terms for Hospitality Owners
GDPR Explained in Simple Terms for Hospitality OwnersGDPR Explained in Simple Terms for Hospitality Owners
GDPR Explained in Simple Terms for Hospitality OwnersBoostly
 
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceThe GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceObservePoint
 
Criteo CCPA project
Criteo CCPA project Criteo CCPA project
Criteo CCPA project Gerry L. H.
 
Horner Downey & Co Newsletter- GDPR
Horner Downey & Co Newsletter- GDPRHorner Downey & Co Newsletter- GDPR
Horner Downey & Co Newsletter- GDPRJenny Ferguson
 
Master Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security FundamentalsMaster Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security FundamentalsSarah Fane
 
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018Human Capital Department
 
Preparing for GDPR: What Every B2B Marketer Must Know
Preparing for GDPR: What Every B2B Marketer Must KnowPreparing for GDPR: What Every B2B Marketer Must Know
Preparing for GDPR: What Every B2B Marketer Must KnowIntegrate
 
GDPR + Sales & Marketing A practical guide by Dan Smith Doogheno
GDPR + Sales & Marketing A practical guide by Dan Smith DooghenoGDPR + Sales & Marketing A practical guide by Dan Smith Doogheno
GDPR + Sales & Marketing A practical guide by Dan Smith DooghenoDaniel Smith
 
GDPR 
- The Do’s and Don'ts for Marketeers
GDPR 
- The Do’s and Don'ts for Marketeers GDPR 
- The Do’s and Don'ts for Marketeers
GDPR 
- The Do’s and Don'ts for Marketeers Burst
 
How will GDPR affect small businesses?
How will GDPR affect small businesses?How will GDPR affect small businesses?
How will GDPR affect small businesses?AllBusinessTemplates
 
Piwik PRO The Real Cost of Data Privacy
Piwik PRO The Real Cost of Data Privacy Piwik PRO The Real Cost of Data Privacy
Piwik PRO The Real Cost of Data Privacy Piwik PRO
 
Microsoft and Tech Data’s Ultimate GPDR Glossary
Microsoft and Tech Data’s Ultimate GPDR GlossaryMicrosoft and Tech Data’s Ultimate GPDR Glossary
Microsoft and Tech Data’s Ultimate GPDR GlossaryTech Data
 
Understanding gdpr compliance gdpr analytics tools
Understanding gdpr compliance gdpr analytics toolsUnderstanding gdpr compliance gdpr analytics tools
Understanding gdpr compliance gdpr analytics toolsRominaMariaBaltariu
 

Semelhante a The GDPR - A data revolution (20)

General Data Protection Regulation & Customer IAM
General Data Protection Regulation & Customer IAMGeneral Data Protection Regulation & Customer IAM
General Data Protection Regulation & Customer IAM
 
Are you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist WhitepaperAre you GDPR Ready? Checklist Whitepaper
Are you GDPR Ready? Checklist Whitepaper
 
Digital Disruption and Consumer Trust - Resolving the Challenge of GDPR
Digital Disruption and Consumer Trust - Resolving the Challenge of GDPRDigital Disruption and Consumer Trust - Resolving the Challenge of GDPR
Digital Disruption and Consumer Trust - Resolving the Challenge of GDPR
 
GDPR & the Travel Industry: Practical recommendations for holiday rental owners
GDPR & the Travel Industry: Practical recommendations for holiday rental ownersGDPR & the Travel Industry: Practical recommendations for holiday rental owners
GDPR & the Travel Industry: Practical recommendations for holiday rental owners
 
GDPR Explained in Simple Terms for Hospitality Owners
GDPR Explained in Simple Terms for Hospitality OwnersGDPR Explained in Simple Terms for Hospitality Owners
GDPR Explained in Simple Terms for Hospitality Owners
 
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in ComplianceThe GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
The GDPR Most Wanted: The Marketer and Analyst's Role in Compliance
 
GDPR - what you need to know
GDPR - what you need to know GDPR - what you need to know
GDPR - what you need to know
 
Criteo CCPA project
Criteo CCPA project Criteo CCPA project
Criteo CCPA project
 
Horner Downey & Co Newsletter- GDPR
Horner Downey & Co Newsletter- GDPRHorner Downey & Co Newsletter- GDPR
Horner Downey & Co Newsletter- GDPR
 
Master Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security FundamentalsMaster Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security Fundamentals
 
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
 
Preparing for GDPR: What Every B2B Marketer Must Know
Preparing for GDPR: What Every B2B Marketer Must KnowPreparing for GDPR: What Every B2B Marketer Must Know
Preparing for GDPR: What Every B2B Marketer Must Know
 
GDPR + Sales & Marketing A practical guide by Dan Smith Doogheno
GDPR + Sales & Marketing A practical guide by Dan Smith DooghenoGDPR + Sales & Marketing A practical guide by Dan Smith Doogheno
GDPR + Sales & Marketing A practical guide by Dan Smith Doogheno
 
GDPR 
- The Do’s and Don'ts for Marketeers
GDPR 
- The Do’s and Don'ts for Marketeers GDPR 
- The Do’s and Don'ts for Marketeers
GDPR 
- The Do’s and Don'ts for Marketeers
 
How will GDPR affect small businesses?
How will GDPR affect small businesses?How will GDPR affect small businesses?
How will GDPR affect small businesses?
 
GDPR: Time to Act
GDPR: Time to ActGDPR: Time to Act
GDPR: Time to Act
 
Piwik PRO The Real Cost of Data Privacy
Piwik PRO The Real Cost of Data Privacy Piwik PRO The Real Cost of Data Privacy
Piwik PRO The Real Cost of Data Privacy
 
Microsoft and Tech Data’s Ultimate GPDR Glossary
Microsoft and Tech Data’s Ultimate GPDR GlossaryMicrosoft and Tech Data’s Ultimate GPDR Glossary
Microsoft and Tech Data’s Ultimate GPDR Glossary
 
Understanding gdpr compliance gdpr analytics tools
Understanding gdpr compliance gdpr analytics toolsUnderstanding gdpr compliance gdpr analytics tools
Understanding gdpr compliance gdpr analytics tools
 
Are you GDPRed yet?
Are you GDPRed yet?Are you GDPRed yet?
Are you GDPRed yet?
 

Último

Aryabhata I, II of mathematics of both.pptx
Aryabhata I, II of mathematics of both.pptxAryabhata I, II of mathematics of both.pptx
Aryabhata I, II of mathematics of both.pptxtegevi9289
 
Social Media Marketing PPT-Includes Paid media
Social Media Marketing PPT-Includes Paid mediaSocial Media Marketing PPT-Includes Paid media
Social Media Marketing PPT-Includes Paid mediaadityabelde2
 
personal branding kit for music business
personal branding kit for music businesspersonal branding kit for music business
personal branding kit for music businessbrjohnson6
 
BDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort ServiceDelhi Call girls
 
The Science of Landing Page Messaging.pdf
The Science of Landing Page Messaging.pdfThe Science of Landing Page Messaging.pdf
The Science of Landing Page Messaging.pdfVWO
 
Situation Analysis | Management Company.
Situation Analysis | Management Company.Situation Analysis | Management Company.
Situation Analysis | Management Company.DanielaQuiroz63
 
Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15
Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15
Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15SearchNorwich
 
Labour Day Celebrating Workers and Their Contributions.pptx
Labour Day Celebrating Workers and Their Contributions.pptxLabour Day Celebrating Workers and Their Contributions.pptx
Labour Day Celebrating Workers and Their Contributions.pptxelizabethella096
 
Enjoy Night⚡Call Girls Dlf City Phase 4 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 4 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 4 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 4 Gurgaon >༒8448380779 Escort ServiceDelhi Call girls
 
Kraft Mac and Cheese campaign presentation
Kraft Mac and Cheese campaign presentationKraft Mac and Cheese campaign presentation
Kraft Mac and Cheese campaign presentationtbatkhuu1
 
Uncover Insightful User Journey Secrets Using GA4 Reports
Uncover Insightful User Journey Secrets Using GA4 ReportsUncover Insightful User Journey Secrets Using GA4 Reports
Uncover Insightful User Journey Secrets Using GA4 ReportsVWO
 
How to Leverage Behavioral Science Insights for Direct Mail Success
How to Leverage Behavioral Science Insights for Direct Mail SuccessHow to Leverage Behavioral Science Insights for Direct Mail Success
How to Leverage Behavioral Science Insights for Direct Mail SuccessAggregage
 
Call Us ➥9654467111▻Call Girls In Delhi NCR
Call Us ➥9654467111▻Call Girls In Delhi NCRCall Us ➥9654467111▻Call Girls In Delhi NCR
Call Us ➥9654467111▻Call Girls In Delhi NCRSapana Sha
 
Digital-Marketing-Into-by-Zoraiz-Ahmad.pptx
Digital-Marketing-Into-by-Zoraiz-Ahmad.pptxDigital-Marketing-Into-by-Zoraiz-Ahmad.pptx
Digital-Marketing-Into-by-Zoraiz-Ahmad.pptxZACGaming
 
Major SEO Trends in 2024 - Banyanbrain Digital
Major SEO Trends in 2024 - Banyanbrain DigitalMajor SEO Trends in 2024 - Banyanbrain Digital
Major SEO Trends in 2024 - Banyanbrain DigitalBanyanbrain
 
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort ServiceDelhi Call girls
 

Último (20)

Aryabhata I, II of mathematics of both.pptx
Aryabhata I, II of mathematics of both.pptxAryabhata I, II of mathematics of both.pptx
Aryabhata I, II of mathematics of both.pptx
 
Social Media Marketing PPT-Includes Paid media
Social Media Marketing PPT-Includes Paid mediaSocial Media Marketing PPT-Includes Paid media
Social Media Marketing PPT-Includes Paid media
 
personal branding kit for music business
personal branding kit for music businesspersonal branding kit for music business
personal branding kit for music business
 
BDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 150 Noida Escorts >༒8448380779 Escort Service
 
The Science of Landing Page Messaging.pdf
The Science of Landing Page Messaging.pdfThe Science of Landing Page Messaging.pdf
The Science of Landing Page Messaging.pdf
 
Situation Analysis | Management Company.
Situation Analysis | Management Company.Situation Analysis | Management Company.
Situation Analysis | Management Company.
 
Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15
Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15
Five Essential Tools for International SEO - Natalia Witczyk - SearchNorwich 15
 
Labour Day Celebrating Workers and Their Contributions.pptx
Labour Day Celebrating Workers and Their Contributions.pptxLabour Day Celebrating Workers and Their Contributions.pptx
Labour Day Celebrating Workers and Their Contributions.pptx
 
Enjoy Night⚡Call Girls Dlf City Phase 4 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 4 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 4 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 4 Gurgaon >༒8448380779 Escort Service
 
Kraft Mac and Cheese campaign presentation
Kraft Mac and Cheese campaign presentationKraft Mac and Cheese campaign presentation
Kraft Mac and Cheese campaign presentation
 
Uncover Insightful User Journey Secrets Using GA4 Reports
Uncover Insightful User Journey Secrets Using GA4 ReportsUncover Insightful User Journey Secrets Using GA4 Reports
Uncover Insightful User Journey Secrets Using GA4 Reports
 
SEO Master Class - Steve Wiideman, Wiideman Consulting Group
SEO Master Class - Steve Wiideman, Wiideman Consulting GroupSEO Master Class - Steve Wiideman, Wiideman Consulting Group
SEO Master Class - Steve Wiideman, Wiideman Consulting Group
 
Turn Digital Reputation Threats into Offense Tactics - Daniel Lemin
Turn Digital Reputation Threats into Offense Tactics - Daniel LeminTurn Digital Reputation Threats into Offense Tactics - Daniel Lemin
Turn Digital Reputation Threats into Offense Tactics - Daniel Lemin
 
How to Leverage Behavioral Science Insights for Direct Mail Success
How to Leverage Behavioral Science Insights for Direct Mail SuccessHow to Leverage Behavioral Science Insights for Direct Mail Success
How to Leverage Behavioral Science Insights for Direct Mail Success
 
Call Us ➥9654467111▻Call Girls In Delhi NCR
Call Us ➥9654467111▻Call Girls In Delhi NCRCall Us ➥9654467111▻Call Girls In Delhi NCR
Call Us ➥9654467111▻Call Girls In Delhi NCR
 
Digital-Marketing-Into-by-Zoraiz-Ahmad.pptx
Digital-Marketing-Into-by-Zoraiz-Ahmad.pptxDigital-Marketing-Into-by-Zoraiz-Ahmad.pptx
Digital-Marketing-Into-by-Zoraiz-Ahmad.pptx
 
No Cookies No Problem - Steve Krull, Be Found Online
No Cookies No Problem - Steve Krull, Be Found OnlineNo Cookies No Problem - Steve Krull, Be Found Online
No Cookies No Problem - Steve Krull, Be Found Online
 
Generative AI Master Class - Generative AI, Unleash Creative Opportunity - Pe...
Generative AI Master Class - Generative AI, Unleash Creative Opportunity - Pe...Generative AI Master Class - Generative AI, Unleash Creative Opportunity - Pe...
Generative AI Master Class - Generative AI, Unleash Creative Opportunity - Pe...
 
Major SEO Trends in 2024 - Banyanbrain Digital
Major SEO Trends in 2024 - Banyanbrain DigitalMajor SEO Trends in 2024 - Banyanbrain Digital
Major SEO Trends in 2024 - Banyanbrain Digital
 
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 144 Noida Escorts >༒8448380779 Escort Service
 

The GDPR - A data revolution

  • 1. The GDPR: a data revolution? Presented by Dan Brookman Twitter: @danbrookman // @AirshipTeam
  • 2. Who we are Airship is a digital customer experience specialist. At our heart is the Airship CRM, a powerful data acquisition, segmentation and broadcast platform that drives revenue through intelligent customer journeys. Revolution Tasty PLC Brewhouse and Kitchen Stonegate Living Ventures Hickory’s Cote Restaurants Yummy Apartment Group Rosa’s Thai Mission Mars Hydes JW Lees West Cornwall Pasty Co Bargain Booze Some Clients
  • 3. Introduction General Data Protection Regulation (GDPR) Comes into force on 25th May 2018 GDPR is new legislation which introduces a wide range of reforms with significant effect on data collection, processing and storage activities. It provides individuals with a suite of new rights in relation their data. No brexit impact, the laws have already been adopted. There maybe implications in the future but the ICO (Information Commissioner's Office) have been pushing for tougher laws for years (so probably not).
  • 4. It needn’t be a burden... It should be seen as an opportunity; - Build customer trust - Higher engagement - Enhance your reputation You are going to see a decline in the amount of new data acquired; however, this is a good thing. The issue of poor quality data and over-acquisition has blighted businesses for years. Opt-ins have been too soft or non-existent, company boards have focussed on the big number, customers have been seen as data records… rather than customers. The GDPR is an opportunity.
  • 5. More Trust A 2016 study by the Chartered Institute of Marketing revealed: - 57% of respondents say they do not trust an organisation to use their data responsibly. - 70% of consumers still fail to see the benefit of sharing their personal data at all. - However, two-thirds (67%) of customers actually say they would share more personal information if organisations were more open about how they will use it. Conclusion The GDPR will help build trust with consumers: be on your front foot, clarity for your customers will yield results!
  • 6. Don’t... MoneySupermarket, Flybe & Honda - All have been recently prosecuted for sending emails to customers who they had not had permission to market to or had previously unsubscribed. Don’t use GDPR as an excuse to pull a fast one on your customers: if they are currently opted out, they remain opted out.
  • 8. Don’t Panic While the regulations come into force on 25th May 2018, it's more than likely going to take a while for them to bed in. A number of provisions are ambiguous and guidance is being drafted by the ICO. No doubt there’ll be a number of test cases before legislation is amended. We’ve all heard the scaremongering around the hefty fines and they are certainly true… the higher of up to £17m or 4% of global turnover plus court litigation… however… The ICO closed 17,300 cases last year and only 16 resulted in fines for the organisations concerned. The ICO’s commitment is to guiding, advising and educating organisations about how to comply with the law. This will not change under the GDPR. "We have always preferred the carrot to the stick." I’m not recommending that you ignore GDPR; I’m recommending that you get your businesses up to speed on GDPR, do your audits, follow the guidelines set out by the ICO, do not panic, and hit the ground running come May 2018.
  • 9. Understanding your data sources Digital Inhouse: Paper sign-ups Comment Cards Business Card Drops Sales Enquiries All businesses have many data sources, as part of your audits you’ll need to ensure that you understand each of those sources and ensure that they are compliant with the GDPR. In the same way, you’ll need to ensure that any inhouse activity is collected under the regulations. The digital sources above are transactional tables within the Airship CRM where we store each instance of customer engagement.
  • 10. WiFi Session: Week View Data automatically categorised by day, session and manually by event. Where you segment customers or profile them based on their activity, you’ll need to let them know how the information is used. This dashboard shows how we take WiFi data and segment customers based on what’s on in the venue at the time they are in their WiFi session.
  • 11. Let’s look at some consumer rights...
  • 12. To be informed Consent must be “freely given, specific, informed and unambiguous” and in the case of automated decisions, consider whether “explicit” consent is required. 1. All consent opt ins should require a recordable manual action completed by a customer. 1. All consent should be granular. For example, where a customer is giving consent for email marketing they should be asked separately if they give consent to be sent text messages or receive sales calls. 1. All consent should be simply and clearly explained directly in the touchpoint they are using. The explanation should be written in a way that is fair to expect customers to understand, and positioned so that the customer can see the explanation in line with the request for consent. Reliance on linked privacy policies or legalese is no longer appropriate.
  • 13. Legitimate Interests Consent is not always practical or necessary so consider the “legitimate interests” condition as well as other lawful processing conditions. Many businesses process data on the basis of their legitimate interests of sending marketing material. You will still need to collect the opt-out either at the point of collection or soon after. This may become a condition which is tested more thoroughly as a consequence of the GDPR changes affecting consent. Don’t use legitimate Interests as a catch-all for your activity.
  • 14. 1. UI Examples: Bargain Booze
  • 15. The right of access Under the GDPR, individuals have the right to obtain: - Confirmation that their data is being processed - Access to their personal data - Other supplementary information - this largely corresponds to the information that should be provided in your privacy notice. - You can no longer charge a fee for the customer to access their data.
  • 16. 2. The right of access Purple WiFi have already implemented their first draft of a ‘right of access’ this example for Airship client Revolution Bars shows the stored personal information and the bars visited. It's their consideration that they meet the legitimate interest condition.
  • 17. Other rights… - of rectification; (the customer has a right to update incorrect information) - of erasure (to be “forgotten”); (the customer has the right to have their data deleted) - to restrict processing; (where you are doing additional segmentation or profiling, the customer has the right to opt-out) - of data portability; (the customer has the right to request an export of their data. A scenario for this might be a customer taking data from their insurance company and supplying it to a competitor for a quote) - to object; and (if a customer objects, you must stop all activity immediately). - certain rights related to automated decision making and profiling (this final point is quite interesting; a scenario might be that you’ve applied for a loan and been refused, you can request the decision making process is shared with you)
  • 18. Other key points to consider 1. Accountability and governance - The new accountability principle 5(2) requires you demonstrate that you comply with the principles and states explicitly that this is your responsibility. 2. Breach Notification - whether you are the data processor or controller
  • 19. Privacy by Design Although not a new concept privacy by design is a key part of implementing GDPR. The ICO describes it as ‘an approach to projects that promotes privacy and data protection compliance from the start’. Whereas this is currently just a recommendation, GDPR makes this a requirement. The best approach to ensure the implementation of privacy by design is through completing privacy impact assessments when planning or reviewing IT projects. Storage of Personal Data It is important where possible to minimise the storage of ‘personal data’ while also ensuring that we have the data you need to deliver your goals. To this end it is important that we use anonymisation and pseudonymisation so that data can be stored in a way which would only in some cases be considered personal data.
  • 20.
  • 21. Conclusion So do you ‘just’ comply or do you become a lean, clean data-driven marketing machine? Saving time and money: maintaining and learning about your customers, and creating better relationships. I know what I would choose and what Airship will be recommending to their clients. The hospitality industry can take a lead on this: it’s time to clean-up. Thanks for your time.
  • 22. The Lawyer bit… Disclaimer…. Thanks to our lawyers, Excello Law, for their help in drafting this presentation. The details provided in this presentation are for information purposes only and should not be relied on as legal advice for the purposes of your business. You are recommended to seek independent legal advice with regard to any of the above before acting upon the same. Both Airship and Excello Law exclude any liability as a consequence of any reliance on this presentation. . Contacts: Dan Brookman E: dan.brookman@airship.co.uk M:07966 796581 Peter Rawlinson: specialist commercial, IT and data protection contract lawyer: E: prawlinson@excellolaw.co.uk M: 07899906476 DD: 0114 2755517