We are here! We are now very close to the entry into force of the GDPR (General Data Protection System), or the new General Data Protection Regulation (EU/679/2016), which was adopted on April 27, 2016 and aims to strengthen and unify the laws of in the area of the protection of personal data of natural persons, as well as in the area of the free movement of such data.This regulation repeals Directive 95/46/EC, effectively ushering in a new era of privacy.
Blendee, which has always been extremely sensitive to these issues, has again adopted an innovative approach that goes beyond the simple dictates of the regulations, guaranteeing its customers and their end users, total transparency about the correct use of the data collected. Since 2017, in fact, Blendee has adopted systems capable of guaranteeing what later became the pivotal elements of the new regulation.
In fact, the technology on which the software is based is much more articulated and comprehensive than simple cookie tracking; one example above all is the use of fingerprinting, which can guarantee greater precision of the data collected. Such technologies moreover make feasible one of the consumer protection aspects most stressed by the new regulation, namely the consumer’s right to be forgotten. In fact, Blendee’s omnichannel set-up ensures that the exercise of this right takes place on all channels tracked by the platform, thus guaranteeing consumers in a reinforced way.
Changes introduced by the GDPR
Let’s look together at the most important changes introduced by the GDPR:
- Server Territoriality:Your personal data (and your customers’ data) will have to be stored on European territory. If the data is stored outside the EU territory, in accordance with the GDPR, Blendee will take care to verify that the countries to which the data is transferred ensure an adequate level of protection of personal data (adequacy decision of the European Commission), or appropriate safeguards are in place through contractual instruments (model clauses; binding corporate rules).
- Right to be forgotten:Your users have the right to be forgotten and, at their request, you should be able to effect the deletion of their data from your database.
- Right to portability:Your customers have the right to request that their data be returned to them or be transferred to another company in a structured, commonly used, electronically readable format.
- Request for Consent:Consent to the processing of personal data must still be requested in the prescribed manner and with respect to a properly worded notice.
- Data protection guarantee:You should enforce data protection by design (privacy by design) of your IT solutions and systems.
- Increased penalties: Administrative fines for violating the regulations increase- up to 20mln euros and 4 percent of turnover, whichever is higher.
- Accountability of administrators:The new accountability rules are instrumental in ensuring that the owner has taken organizational and technological security measures appropriate to the risk and is able to demonstrate that its processing is done in accordance with the GDPR.
- Security Breach Notification:You are obliged to notify the Data Protection Authority of any incident involving a data breach under the profiles of loss of confidentiality, integrity and availability, and you have a short deadline to do so: 72 hours!
These are important changes that, with the use of Blendee, you are assured of both in terms of how the data is collected and all procedures for its storage, use and eventual deletion.You can then continue to work and in total peace of mind, confident that your data, as well as those of your consumers, are handled in a manner that is fully compliant with the new regulations!
