A modern marketer has at least one Martech player as its partner, either as a system vendor or a “turnkey” service provider. The future Data Protection Regulation and its impacts have been interpreted in many organizations in several ways. These differences of interpretation can be a risk when organizations interpret the GDPR legislation and their impact on their practical actions in different ways.
Every modern marketer should start at this point in time and take a quick look at his situation.
Everything starts with mapping
First, the technologies and partners with which personal data are processed are to be explored. Next, we need to look at how the organization processes personal information in a partner environment. Then, it must be ensured that everyday practices for the sharing of personal information and the handling of the partners are in order.
Once the First Steps have been made, it’s time to ensure that your partners and your organization’s interpretations of the changes to the regulation are in the same line.
Which information is your personal data in your organization? What registers do you maintain and which of these are registry based permissions and what other registers are there to maintain?
What about the license-based registers that exist before GDPR’s entry into force? Do they need to do something or do anything? What does the permit verifiability requirement or the period of authorization mean in practice?
No partner is forgotten
Map or ask your marketing partner to map all existing processes and automated programs that use profiling and automated decision making. For these processes, it must be ensured that any prohibition is realized.
When these questions are answered with one partner and the practical operations are in line with your interpretations, the same survey work will be done with each relevant partner.
Organizations that manage high-risk communications make the GDPR interpretations and practices an easy-to-share “Playbook” or a handbook that facilitates cooperation with existing and future partners. By doing so, you will ensure that your organization and partners are at least on the same page from the moment GDPR enters into force.
It is important that you ask each of your partners to get acquainted with, review and understand the interpretations and impacts of the manual in practice – even when personal changes are made to your partner’s affiliate team.
Need help with GDPR?