Privacy

The Final GDPR Countdown Is On

Becky Doles

An image of the European Union flag design with a lock in the middle, representing GDPR.

Image by Harakir on Pixabay

In just a few days, the General Data Protection Regulation will finally go into effect, impacting how companies collect and process personal data like never before. Although the GDPR is a European Union law, it affects every company that deals with the data of end users in the EU, and packs a punch for non-compliance — up to 4% of annual global turnover or 20 million euros (whichever is greater).


The GDPR and data privacy are just a couple of the topics we’re tackling at Postback 2018. Held over July 19-20 in Seattle, Postback brings together the best minds in the industry to network, share ideas, and build lasting relationships that drive the future of mobile marketing.

Register for Postback 2018


In this blog post, we’ll address how well companies have prepared for the GDPR, its impact on different regions, and how those with the most at stake plan to manage their business moving forward.

Some Companies Are Ready (And Some Definitely Are Not)

Even though the GDPR enforcement deadline is this Friday, there’s a lot of discrepancy in preparedness among brands. According to a survey by WinMagic, ahead of the GDPR deadline, 62% of IT decision makers describe themselves as confident, while 18% say they are nervous.

In addition, half (51%) of companies say they’re ready and able to remove personal data from their servers (including back-ups) — but almost a quarter (20%) of companies are not. And analytics firm SAS reports that 46% of UK and Irish companies won’t meet the deadline, and only 7% of businesses worldwide appear to be fully compliant.

Yet the biggest impact may actually be felt outside the EU, where there are less stringent regulatory privacy expectations — and, as a result, more companies that may have had a larger data privacy gap to make up. In the U.S., for example, citizens don’t have the same expectation or codified right to privacy as they do in the EU. The U.S. has privacy laws for “sensitive” data, such as healthcare or financial information, but is more lax when it comes to less sensitive “general” data.

An Ounce of Prevention

Companies with the most at stake have likely already put systems in place to prepare for the GDPR and are planning to weave compliance into their infrastructure in the coming years. We’ve seen companies take the following approaches, some of which you may want to adopt as your own if you haven’t yet:

  • Implementing privacy policies and procedures
    To cover all your bases, have professionals implement policies and procedures to affect end user rights, including right to access, right to erasure, and right to data portability, among others. Appointing a privacy point of contact is also crucial.
  • Taking inventory of your data collection points
    What information do you hold, and how do you get it? Knowing the specific locations where you collect and process data (including apps, websites, cookies, and tags) will help you cut down on unnecessary information.
  • Helping every employee understand their role
    All companies should take steps to help everyone in the organization understand the GDPR and how they can contribute to compliance. That includes reminding employees of privacy best practices, such as not sharing customer data with external parties.
  • Informing your customers at every chance
    Finally, as you may have noticed from the barrage of GDPR-related emails hitting inboxes recently, the next step is to make your data handling clear to customers, including how they can access their data, update it, and request to have it deleted.

“This regulation is unprecedented in impact and scope in the digital advertising world, and will serve as a differentiator for organizations ready to embrace the new normal for data privacy and security.” — TUNE CEO Peter Hamilton

Learn More

Ultimately, the GDPR is designed to make the industry more transparent, improve customer trust, and minimize the risk of breaches. Though it’s a lot to get in place for companies who haven’t been focusing on these best practices, it’s designed to be a good thing for everyone — marketers and consumers alike.

Read more about what TUNE is doing to prepare for the GDPR here.

 


The GDPR and data privacy are just a couple of the topics we’re tackling at Postback 2018. Held over July 19-20 in Seattle, Postback brings together the best minds in the industry to network, share ideas, and build lasting relationships that drive the future of mobile marketing.

Register for Postback 2018

Author
Becky Doles

Becky is the Senior Content Marketing Manager at TUNE. Before TUNE, she handled content strategy and marketing communications at several tech startups in the Bay Area. Becky received her bachelor's degree in English from Wake Forest University. After a decade in San Francisco and Seattle, she has returned home to Charleston, SC, where you can find her strolling through Hampton Park with her pup and enjoying the simple things between adventures with friends and family.

Leave a Reply