Updated: May 22
Adam Brawdy, Digital Marketing Specialist
What is GDPR?
Our lives revolve around data. From social media, banking and online shopping to purchasing groceries and getting a checkup at the doctor’s office, data dominates most aspects of our lives. This is only growing more apparent as we continue to progress into the Digital Age, which is why the General Data Protection Regulation (GDPR) was approved by the European Parliament in April 2016 and brought into operation in May 2018.
The goal of GDPR is to give citizens within the European Union (EU) more control over their personal data, to avoid privacy and information breaches and to prevent those collecting and storing data from misusing it. Under these new regulations, personal data on EU citizens must be gathered legally and under strict conditions. Those that collect data are also required by law to not only respect the rights of data owners, but they are also bound to protect the data from abuse.
Why should you care about GDPR?
GDPR does not only apply to companies operating within the European Union. These regulations affect all organizations that sell goods or services to EU citizens and businesses, meaning GDPR’s reach extends far beyond the borders of Europe. The punishment for violating GPDR protocol is severe. Those that fail to comply will be subject to a maximum fine of twenty million euros or up to four percent of the violator’s annual global turnover, depending on whichever is greater.
No organization is safe from GDPR. In January 2019, Google was fined close to $57 million for failing to comply with GDPR regulations. During the summer of 2019, Marriott International, a global leader in the hospitality industry headquartered in Washington DC, was fined $123 million as a result of a 2018 security breach that left hundreds of millions of guest records exposed to cyber criminals.
Achieving GDPR Compliance
The implementation of GDPR will require comprehensive changes to business practices for companies that do not already have a comparable level of data privacy in place. Our partners understand GDPR and are experts in helping businesses overcome their GDPR challenges.
The Sitecore Experience Cloud, including the Experience Platform (XP) and Experience Commerce (XC), was created with a privacy-by-design mindset. This approach is crucial, as it requires predicting potential risks involving GDPR and implementing components that address the identified risks. The result is a product stack with features that are tailor-made to support your GDPR initiatives while also effortlessly delivering an exceptional customer experience. To learn more, click here.
Salesforce understands that companies, especially those that fall under GDPR, must respect every individual’s rights in regards to their personal data. As a result, Salesforce’s product suite is hard-wired for GDPR compliance. Salesforce empowers companies to build trust with their customers and deliver extraordinary digital experiences, all while making sure your business remains GDPR compliant. To learn more, click here.
After the adoption of GDPR by the European Union in 2016, Microsoft committed to having their technology GDPR compliant by May 2018. Through significant investment into their products and systems, Microsoft has made it second nature for customers to cope with GDPR. In July of 2018, Microsoft 365 was released with the purpose of simplifying customer compliance efforts. Whether you’re leveraging the new information protection capabilities, managing your own compliance with Compliance Manager, or anything in-between, Microsoft 365 and the Microsoft Cloud make it easy and painless to become GDPR compliant. To learn more, click here.