Product Page Header Module
Intro text Module
The General Data Protection Regulation (GDPR), which came into force May 2018 onwards has changed the business and regulatory environment in the European Union (EU) and beyond. GDPR places new demands on companies to have in place strict processes to collect, store, process and use personally identifiable data of EU citizens. The law offers individuals greater control over their own data, and strengthens data protection efforts across the region. Non-compliance can result in huge fines of up to 4% of a company’s global annual turnover or €20 million, whichever is higher.
All companies with customers in the EU need to be conscious of aligning their systems and processes with the provisions of GDPR. While it may be a minor inconvenience in the short-term, GDPR is geared to accelerate the digital transformation efforts for many companies. As data becomes a significant resource in the Internet of Things (IoT) economy, inbuilt checkpoints laid down by GDPR will go a long way to improving customer trust and loyalty, as well as enhancing business efficiency and paving the way for true digital transformation.
Service providers need to work with partners and suppliers who embrace the spirit of GDPR and view the regulation as an enabler of digital transformation. While there is no uniform approach towards GDPR implementation, it is important that vendors offer the necessary support required for GDPR compliance, and service providers develop a holistic action plan to comply with the law.
Cerillion has been at the forefront of compliance with GDPR, and our team of experts have ensured that our systems are aligned with the unique demands of the regulation. Our approach towards GDPR is one of continued commitment towards the success of our clients.
Our customer management solutions help our clients to achieve GDPR compliance in the following ways:
- Consent management – Provides the ability to communicate clearly how customer data will be used and to obtain explicit opt-in consent for inclusion in marketing campaigns, including separate settings for email, phone, SMS and direct mail (post).
- Right to erasure – Provides a two-step authorisation process to manage the deletion of customer-related data, subject to retention where there is still a lawful basis for processing.
- Time-based archiving – Offers the ability to configure automatic time-based archiving of customer data when there is no longer a lawful basis for processing.
- Security – Comprehensive role-based access controls for system functions and customer data, as well as encryption of sensitive personal information and regular external security testing for online (internet-accessible) applications.
- Auditability – Comprehensive audit trails at application and database levels, including user id and date/time stamps.
GDPR: Threat or Opportunity?
The General Data Protection Regulation (GDPR), which came into effect on 25th May 2018, is among the most robust data protection regulations the European Union has seen in two decades. GDPR not only covers businesses within the EU, but also those that have business interests in the region, even if they are based outside the EU. In that sense, it is a truly global legislation that imposes strict standards for data privacy and implement a uniform data protection regime for all customers within the EU.