Ensures proactive GDPR compliance
In May 2016 the European Union (EU) approved the entry into force of the General Data Protection Regulation or GDPR, the regulation on the processing of data with the greatest impact within the European environment. Its mandatory application began on 25 May 2018.
¿What is GDPR regulation?
The general data protection regulation or GDPR aims to regulate how companies are supposed to process and manage the data of users residing within the European Union. Regulation increases users’ rights to their information and promotes the transformation of companies at all levels.
Who should comply with the GDPR?
The scope is almost universal . Any company that offers goods or services to residents in the European Union (EU), stores information or data on residents in the EU or has employees within the EU, must be aligned and adjusted to the new regulation, regardless of its geographical location. If the company acts only as a controller or data processor, then it must also comply with the GDPR.
Failure to comply with the regulation leads to fines in excess of 20 million euros or 4%of the total profit generated by the company worldwide the previous year, the penalty being the amount that represents the largest amount of money.
How can DruID help you with GDPR?
The strategic nature of DRUID, within the framework of relational management, means that it must manage millions of unique identities within complex digital ecosystems and with different types of users (consumers, stakeholders, tenants, influencers, investors or employees among others) For this reason and since its conception, DRUID has been exposed to constant audits relating to compliance with regulations and policies on data protection, such as the LOPD in Spain and more recently the GDPR. All these audits have been successfully passed, shared and validated by our clients. Some of the direct application capabilities are:
Different combinations of check-boxes (Opt-in, T&C)
Depending on each strategy, type of company, proposed service and/or digital window, we can facilitate the configuration of different consents, adjusting the texts and check-boxes dynamically. This versatility guarantees compliance with the law and simplifies the management associated with the evolution of different privacy policies or terms and conditions, which must be presented and accepted by users.
Automated sign on capture
We make automated screenshots in each one of the digital points in which users sign up. In this way, it is possible to justify before any claim or judicial request of a certain user registration. We give a copy of the accepted terms and conditions, the completed fields, the accepted or denied checkboxes and the images of the entry point (web, app, etc.).
All actions taken by users within the digital ecosystem are traced and can be consulted by authorised administrators (e.g. DPO). In this way, the response times to any complaint, change or update of data are speeded up.
In addition, all activity carried out in the Administration Cockpit by external collaborators and agencies during the integration or management of new contact points is recorded and easily auditable.
User private area
We have a simple and understandable user area (as required by the GDPR), accessible from any of the company’s digital contact points and where our registered public can freely exercise all their rights. In this way we provide continuous access to all your information easily, without the need for complex bureaucratic processes. Natively we allow:
- ARCO Rights for Access, Rectification, Cancellation and Opposition.
- The right to be forgotten, allowing users to exercise their rights directly or indirectly, guaranteeing the erasure of all or part of their data upon any request.
- Data portability right in a compatible format at a basic and advanced level.
- The right to limit the processing of data without this leading to account termination.
- Right of opposition to the drawing of profiles, preventing your data from being used to generate scores or segmentations.
- Right of opposition to automatic decision making, avoiding the execution of automatic processes that discriminate, either positively or negatively against the user in the database, without human intervention.
- Right to object on the part of the interested party to modify its conditions as far as the treatment of data is concerned.
For all type of users
We manage different types of users and profiles, not just consumers. DRUIDmanages data on people and is designed to respect, safeguard their identity and allow intelligent management of different terms and conditions depending on the strategy of each of the digital windows. Broaden your horizon and think about how to start relating also with stakeholders, employees, influencers, tenants, suppliers, customers…