- Client:Liberty Global | Telecom | 2017-2018
- Categories:Big Data, Business Strategy, Data Privacy
The European General Data Protection Regulation is a regulation in EU law on data protection and privacy. In 2017-2018 I was a team member of a pan-European GDPR project.
The GDPR project
This client’s pan-European GDPR project covered a wide variety of topics related to the European General Data Protection Regulation. Consequently this project had several sub-projects, like ‘GDPR and digital marketing’.
Important note
I’m not a lawyer and this project summary does not -in any way- constitute legal advice. However, it does specify some important and required steps in light of the European General Data Protection Regulation.
GDPR and digital marketing
Each GDPR project started with a so-called Privacy Impact Assessment (PIA), or Data Protection Impact Assessment (DPIA). These assessments contained several questions. For example:
- What data is processed? And for which purpose?
- Who has access to this data and why (including partners/suppliers)?
- How and where is this data stored? And what is the retention period?
- And finally, how do we manage consent and the right-to-be-forgotten?
Subsequently, I conducted an assessment for these tool within the digital marketing ecosystem:
- Adobe Analytics Cloud
- Cookie Consent
- Google 360
- LivePerson
- Tealium
- As well as various other advertising technology solutions
A risk analysis was conducted after these assessments, containing questions to assess threats and risks per platform. For instance risks like unauthorized access to or unwanted modification of personal data.
Resources
Above all GDPR is a complex topic. So here are a few links that can help you shape your project.
- Running a GDPR Project – by Medium.com
- General Data Protection Regulation legal info – by Intersoft Consulting Services
If you like to read about other projects, feel free to visit my portfolios page.