We’ve been talking about it for a while, but here we are. The GDPR officially comes into effect on May 25th, and for SaaS companies, it’s time to finalize their compliance efforts.
The EU General Data Protection Regulation (GDPR) is said to be the most important change in data privacy regulation to date. The GDPR’s primary goal is to protect and empower all European Union citizens’ data privacy.
Remember, the GDPR applies to organizations located within the EU, but it also affects organizations located outside of the EU if they have EU customers and monitor the behavior of EU subjects.
For Customer Success organizations, the GDPR translates into an obligation to closely monitor where customer data is stored and how it's used.
Non-compliance penalty fines can go up to 4% of annual global revenue or 20 million euros - whichever is higher.
Because the main goal of the GDPR is to give subjects control over how their data is collected and used, companies will need to get affirmative consent, and justify their actions when using personal data.
The first step should be to assess where you keep critical information, what apps are using that data, and where your database is geographically located. Once your data security audit is done, you will need to set up your systems to make sure you are protecting the data that customers entrust you to manage.
Here are some steps you should take:
Make your opt-in explicit as opposed to implied. You should get explicit consent to collect and retain personal data.
Make data erasable. The right to be forgotten clause specifies that the customer can request removal of all personal data from a database.
Make the data you collect easily downloadable. Customers have control over portability, which means they should be able to obtain a full record of their data which is readable and exportable.
In order to help our customers comply with the GDPR, Amity opened a new Amazon AWS data center in Ireland. This will allow Amity users to host their customer data in the EU.
Do you have questions about how the GDPR affects you and your customer data? Send us a note and we’d love to chat!
About the Author
Mathilde is the Manager of Digital Marketing at Amity. After moving from France to complete a degree in Political Science from McGill University, she made her way to Toronto in order to pursue her passion for Marketing and Tech.More Content by Mathilde Augustin