What is GDPR?
- General Data Protection Regulation, going into effect May 25th, 2018, aimed at protecting the Personally Identifiable Information of European Union citizens
- Will replace the former Data Protection Directive
- All organizations that collect, store or process PII of EU citizens will be subject to the regulation, regardless of where they are physically located
- Applies to both data controllers and data processors
Data Subjects Have the Right to:
- Access the personal data collected or processed by a company
- Correct any errors in their personal data
- Request a company erase their personal data
- Object to a company processing their personal data
Organizations are Required to:
- Be able to adhere to the requests of a data subject
- Protect the data they collect
- Notify authorities of data breaches
- Maintain the proper legal basis for collecting or processing data
- Keep records detailing data processing
- Provide data subjects notice of data collection
- Define data retention and deletion policies
- Train all personnel on privacy procedures
- Update policies
- Ensure any vendors they transfer PII to are adhering to the same standards.
What is PII?
- Any data that can be used to identify an individual
- Includes, but is not limited to
- First and Last Name
- Physical Address
- Email Address
- Phone Number
- IP Address
- User Agent
- Device ID
What has Perform[cb] done to prepare for GDPR?
As an organization, we take all matters of compliance and privacy seriously, and we have taken all necessary steps to become compliant with GDPR. Over a 6 month process, we have worked closely with privacy experts and industry law firms specializing in both internet advertising and privacy. Our GDPR compliance team has conducted a thorough review of our proprietary technology platforms, our partnerships and our internal and external process. We have made updates to our various privacy policies and informed all of our partners of any updates to our agreements as well as conducted internal employee training. We maintain that our company will be in and remain in compliance with GDPR.
UK Information Commission Office
If you have any questions on Perform[cb]’s privacy policies, you can reach out directly to your account manager or send an email to firstname.lastname@example.org. If you have questions regarding what steps your business should be taking to prepare for the enactment of GDPR, we encourage you to consult legal experts.