On May 25, 2018, the GDPR or General Data Protection Regulation will go into effect. We’ve all been working towards the goal of being compliant for a while now and to many, it feels like a somewhat threatening deadline.
At EVO, our philosophy is that these new regulations are an opportunity to connect with our clients and partners, to discuss these changes in the long term and establish even more trust. User data are precious and strengthening all our existing security structures will be a consistent duty and priority from now on.
Becoming GDPR compliant: 5 concrete steps
For over a year now, we’ve been working on our GDPR compliance. So, what did we do and how?
Step 1# Hiring a specialised law firm
As a Performance Marketing group, we deal with personal user data everyday. That’s why our first step, which we took more than a year ago, was to get informed about how the GDPR would affect our business, our clients and our partners specifically.
We hired a law firm that specialises in data management and data regulation issues.
Together, we analysed all the changes we’d have to make and established a work plan.
Step 2# Team awareness & training
In order to inform everyone within our group and start implementing all the necessary changes and additions to our systems and structures, we organised 4 themed workshops:
- Introduction to the GDPR & the roadmap
- EVO and subcontracting
- EVO and data treatment responsibility
- EVO and HR
Step 3# Assigning a DPO
We found and assigned a Data Protection Officer (DPO) to advise us on our data management. Our DPO will be a permanent member of our team and will make sure all our systems are and remain GDPR compliant.
Step 4# Implementing a GDPR Task Force
After these first steps, it was time to put all this knowledge into practice. The new data security regulation requires real adaptations in our organisation and technology.
We founded a GDPR Task Force, that consists of a group of experienced developers, spearheaded by our lawyer, DPO and in-house GDPR expert.
They’ve been working on an extensive list of technical tasks that need to be implemented in order for EVO to be able to be compliant. Just like our DPO, this task force will be permanent from now on and will keep EVO’s systems and tech updated with all matters concerning data protection.
Step 5# Preparing the future
After May 25, it won’t be over. It’s actually only the beginning of a whole network of laws to protect people’s online presence.
By the end of 2018, there will be a new law concerning e-privacy and cookies. It’s currently being reviewed and discussed at a European level. We are also expecting many reviews of GDPR and other updates. So, for now, our teams are preparing, but definitely
STAY TUNED FOR MORE!
Everything about the GDPR :
Prepare for GDPR in 13 steps : Pdf in French / Pdf in Dutch