Lessons learnt from the Facebook & Cambridge Analytica Saga – Part 3 (Your GDPR responsibilities)

Part 3: Your GDPR responsibilities

After all the hype and hysteria, GDPR has finally landed, so in the final part of our Facebook / Cambridge Analytica series, we focus on how to avoid the predicament that both Facebook and Cambridge Analytica found themselves in.

Here are 5 key points that we advise our clients should consider in relation to the GDPR:

1. Make sure all data capture has specific consent notices for why the data is being captured, what you plan to do with it and how long it will be held for.

2. Timestamp all-new consents from online data capture.

3. Name all tools used to track users on your website (examples might include Lead Forensics, GoToWebinar, iPerceptions, Google Retargeting) in your Privacy Policy.

4. Ask all Data Processors to provide you with information on what processes they have in place to meet GDPR compliance.

5. If you are using user profiling tools (like Kentico EMS) allow users to unsubscribe from Cookie Tracking.

Rather than seeing the new regulatory changes as something to fear, it is actually the perfect opportunity for all organisations to start from scratch in some cases and in other cases to firm up their existing data handling processes.

Interested in learning more? Watch a replay of our recent UX and GDPR webinar.

Share This

Subscribe to our mailing list