Europe has implemented the toughest consumer protection laws, starting 25 May 2018. India is expected to follow soon this year. Consumers will have rights that require big shifts in how consumer data is stored, targeted or traded. For example, Consumers have the right to be forgotten. The controller of data should have implemented processes which can comply with such requests. Such regulations bring back the focus on Publishers of content.
In this presentation we are trying to answer:
- Why comply with the GDPR and what happens if you don't
- GDPR's direct effect on your business
- Steps to GDPR compliance and creating Privacy program
- The technical and organisational measures to adapt
Please feel free to contact us for more details on pd@torcai.com
2. Agenda
• Industry Perspective on Data Privacy
• What is GDPR?
• What is Personal Data?
• Who should worry about GDPR?
• Steps of Compliance
• What changes for Publishers
• What changes for Advertisers
• Advantages of Privacy Law Compliance
• Key Takeaways
2Please mail for more details: GDPR@torcai.com
3. Industry Perspective on Data Privacy
• 96% of the respondent feel that both Publisher and Advertiser
who hold the user data should be responsible for its privacy.
• 63% of the respondent feel that a user whose privacy is
protected will be a more loyal user.
• 50% of the respondent feel that the user can question both
Advertisers & Publisher to check who has their data.
3Please mail for more details: GDPR@torcai.com
4. What is GDPR?
• GDPR is a set of rules designed to give EU residents more
control over their personal data on any medium
– User rights
– Fair and transparent processing
– Significant obligations on businesses
4
INDIAN LAW: A draft for general data protection law has been announced. Moreover, the Information Technology
Act 2000 gives a right to compensation for improper disclosure of personal information by businesses. In 2011, the
Government published the Information Technology Rules (Rules), which contain detailed requirements relating to the
processing of personal data.
Please mail for more details: GDPR@torcai.com
5. What is Personal Data?
Name Email ID
Cookie IDFinancial Info
Mobile Number Device ID
Location IP Address
Aadhar-Govt. ID Advertising ID
5Please mail for more details: GDPR@torcai.com
6. Who should worry about GDPR?
• If you are capturing any personal data
• If you are doing any personalisation
• If you are transacting users personal data
• If you are using any personal data for
marketing purpose
• If you are using any personal data for
commercial purpose
• If you are using any personal data for
offering Product/Service
6Please mail for more details: GDPR@torcai.com
7. Steps of Compliance
• Audit to identify how compliant you are under current data
protection laws
– Customer Consent framework
– Data Pipes
– Ticketing System
– Security policy
– Validating current Policies and Contracts
• Execution of Compliance requisite solutions to be deployed to
manage consent, approvals and customer complain ticketing
• Ongoing Management User Data Privacy compliance will be an
ongoing issue for both data controllers and processors.
7Please mail for more details: GDPR@torcai.com
8. Technical & Organisational Measures
• Issuing of relevant consent forms
• View of consumer data repositories and audit trails of data
usage by various business functions
• Flow of consent to all relevant stakeholders
• Feature builds of erasing user data in all business
functions/modules
• Feature builds of reporting the data usage to the user
8Please mail for more details: GDPR@torcai.com
9. What changes for Publishers
• Publishers will be the gatekeepers (of user consent)
• Need to buy data with consent in view
• Consent gateway
• Need to coordinate with a DPO in case of data breach & inform
users accordingly
9Please mail for more details: GDPR@torcai.com
10. What changes for Advertisers
• Need to buy data with consent in view
• Need to update the RTB stack to check for consent signal
• Need to ensure compliance when doing direct buys
• Need to coordinate with a DPO in case of any data breach &
inform users accordingly
10Please mail for more details: GDPR@torcai.com
11. Advantages of Privacy Law Compliance
• Thumbs up to Personalization
• Consolidated User Data
• Centralized Communication thus
reducing marketing cost
• Increased Loyalty Quotient
• Avoid penalties and negative PR
11Please mail for more details: GDPR@torcai.com
12. Key Takeaways
• If you have consumer touch points, relook at your data
practices and policies
• Go back to the drawing board to re-evaluate your data tech &
privacy policies
• User Data Privacy & Protection laws are here to stay, so get a
head start
• It pays to be compliant!
12Please mail for more details: GDPR@torcai.com