The General Data Protection Regulation (GDPR)

Cumplimiento del RGPD
The data governance opportunity from the General Data Protection Regulation and what to do about it
Get an Assessment
What is GDPR?

El Reglamento General de Protección de Datos de la UE es una legislación europea destinada a consolidar las regulaciones de privacidad de datos en toda Europa. A pesar de estar basado en la UE, los requisitos del RGPD afectan a las empresas de todo el mundo que realizan negocios en la UE o controlan el comportamiento de los ciudadanos de la UE. Las empresas que no cumplen el RGPD están sujetas a multas administrativas de 20 000 € o el 4 % de los ingresos mundiales, el valor que sea superior. Mira nuestro vídeo para obtener más información:

Tealium helps companies with GDPR by supplying data governance tools giving visibility into the collection and usage of customer data, while also supplying tools for consumers to manage their data preferences. Combined with resolving customer identity across channels and devices giving a single view of the customer, these data governance tools allow organizations to better see and manage their usage of data to improve performance and mitigate risk.

In the News:
Digiday: ‘Only enforcement will bring change’: Ad tech responds to regulator’s GDPR warning
VentureBeat: British Airways faces record $230 million GDPR fine over data breach
TechCrunch: GDPR adtech complaints keep stacking up in Europe

Get Resources to Help with GDPR
Sign up to receive updates on how to implement data governance for GDPR

GDPR Impact Series 2018

Identifying its impact on marketers and the consumer’s moment of truth

Read the Report

How Can You Get Started Meeting GDPR Requirements?
To help get your data governance strategy in order, here are resources to help you take control of customer data security:

Papers

Browse our collection of data governance downloads to help you plan your strategy:

White Paper: Data Governance – How well are you protecting your data?

Download: 5-step Data Governance Checklist

Videos

Watch these videos to understand the data protection landscape:

On-Demand Webinar: GDPR: Tactical Steps to Take to Ensure Compliance

On-Demand Webinar: A Not-So Normal Webinar on GDPR: Creating your Organization’s Plan

Video: Protecting Customer Data with Tealium IQ

So How Can Tealium Help?

Out of the box, Tealium has many features supporting data governance efforts to address GDPR and other data protection needs.

Tealium Customer Data Hub Includes:

Audit Data Layer Mappings – Review data flows easily with visual tool to understand where data is going and who has access
Data Layer Inventory – Reference data being collected in the data layer to understand what data is being collected and processed
Control Data with User Role Permissions & Resource Locks – Provide clear and accurate notice of data usage both internally, with policy and process, and externally, through notification
Form a Data Governance Panel with Using Tealium Workflow and Panel – Implement automated internal processes to better comply with data protection regulations
Protect User Privacy with Tealium’s Privacy Widget – Communicate your data policy across your organization, and to customers and vendors

Additionally, Tealium’s Data Governance Package is available for organizations seeking a higher level of support.

Tealium Data Governance Package Add-ons:

Consent Manager – Let users opt-in or opt-out for technology tags
Opt-in Notification – Banner to inform end user of cookies usage
‘Do Not Track’ Compliance – Extra level of consumer privacy control
Tag Marketplace Policy – Restrict tag marketplace based on InfoSec requirements
Data Layer Governance Configuration – Professional best practice configuration
User Roles & Permissions – Configuration based on least access best practices
Data Layer Verification – Quarterly scan for proper configuration
User Management Audit – Quarterly audit to ensure security
Data Layer Review – Manual quarterly review of automated checker
Data Governance: Reduce GDPR Risk & Improve Marketing Effectiveness

The GDPR is another reminder of how marketers, and businesses overall, need to improve their management of sensitive customer data. While market leaders have adopted a unified approach to data governance as a strategic initiative to improve marketing relevance and timeliness, the vast majority of companies are stuck managing data inside departmental or technological silos that create risk and uneven experiences. Ironically, this new regulation might be just the compelling event that will propel marketers to truly become data-driven, simultaneously allowing for data security measures and increased marketing effectiveness.

Given our unique position in the data supply chain, having Tealium as a trusted partner builds confidence in your business’ ability to appropriately and legally manage data, while significantly reducing your reliance on your digital marketing and analytics vendors to adhere to privacy standards. Read our Data Governance white paper to learn more.

12 Key Changes to Customer Data Protection Regulations – Implications

In addition to recommended steps to building your data governance strategy, here are 12 key facts and steps that you should take to prepare for GDPR:

1. “Personal Data” is Becoming Broader – The definition of personal data will be expanded to include genetic, economic, or social identity data.

2. Compliance Required for Companies Outside the EU – Any company, regardless of where it’s based, must comply with the regulation if it deals with an EU citizen’s personal data.

3. New Special Protections for Children’s Data – Parental consent will be required, so businesses will need to implement procedures to obtain consent.

4. Getting Valid Consent – Consent must be simple and clear. Silence or inactivity will not constitute consent.

5. Data Breach Notification Requirements – Placing a greater onus on data supply chains, all data breaches potentially harming individuals must be reported to regulators and the individual.

6. The Right to be Forgotten and Access Requests – Companies will have to give individuals access to data collected in a timely manner and requires that data subjects have the right to be forgotten.

7. Mandatory Privacy Risk Impact Assessments (PIA) – There will be conditions under which a PIA is mandatory in high-risk situations.

8. Privacy by Design – Privacy in a service or product must be built in from product conception and should only collect the minimum personal data possible.

9. Contractual Requirements – Data protection will need to be clearly documented and this could impact contract negotiations for risk and security considerations.

10. International Data Transfer Concerns – The regulation also applies to data processors, so there is risk in transferring data to countries outside the EU.

11. Data Portability – Businesses have to provide data collected to subjects electronically and in a commonly used format.

12. Introduction of the Data Protection Officer (DPO) – Some businesses will need to hire or appoint a DPO to oversee data security compliance.

Does Brexit mean UK companies
don’t need to comply with GDPR?

No. Todas las empresas que se ocupan de los datos de los ciudadanos de la UE, independientemente de su ubicación, están sujetas a multas administrativas de 20 000 € o el 4 % de los ingresos mundiales, el que sea superior. Se ha especulado que Reino Unido implementará regulaciones similares después del Brexit.

Need Help Trying to Figure Out What GDPR Means for Your Business?

Los consultores de soluciones de Tealium son especialistas y están preparados para ayudarte a organizar tu plan de gobernabilidad de los datos para que puedas cumplir con el RGPD.