What Customer Success Managers Need to Know About the GDPR

May 17, 2018 Mathilde Augustin

What Customer Success Managers Need to Know About the GDPR

We’ve been talking about it for a while, but here we are. The GDPR officially comes into effect on May 25th, and for SaaS companies, it’s time to finalize their compliance efforts.

The EU General Data Protection Regulation (GDPR) is said to be the most important change in data privacy regulation to date. The GDPR’s primary goal is to protect and empower all European Union citizens’ data privacy.

Remember, the GDPR applies to organizations located within the EU, but it also affects organizations located outside of the EU if they have EU customers and monitor the behavior of EU subjects.

For Customer Success organizations, the GDPR translates into an obligation to closely monitor where customer data is stored and how it's used.

Non-compliance penalty fines can go up to 4% of annual global revenue or 20 million euros - whichever is higher.

Because the main goal of the GDPR is to give subjects control over how their data is collected and used, companies will need to get affirmative consent, and justify their actions when using personal data.

The first step should be to assess where you keep critical information, what apps are using that data, and where your database is geographically located. Once your data security audit is done, you will need to set up your systems to make sure you are protecting the data that customers entrust you to manage.

Here are some steps you should take:

  • Make your opt-in explicit as opposed to implied. You should get explicit consent to collect and retain personal data.

  • Make data erasable. The right to be forgotten clause specifies that the customer can request removal of all personal data from a database.

  • Make the data you collect easily downloadable. Customers have control over portability, which means they should be able to obtain a full record of their data which is readable and exportable.

  • Make your privacy policy crystal clear. If your current privacy policy is filled with misleading legal jargon, be sure to clarify it. Ensure you’re covering all of your bases by discussing any uses of personal data.

In order to help our customers comply with the GDPR, Amity opened a new Amazon AWS data center in Ireland. This will allow Amity users to host their customer data in the EU.

Do you have questions about how the GDPR affects you and your customer data? Send us a note and we’d love to chat!


See Amity in Action

About the Author

Mathilde Augustin

Mathilde is the Manager of Digital Marketing at Amity. After moving from France to complete a degree in Political Science from McGill University, she made her way to Toronto in order to pursue her passion for Marketing and Tech.

Follow on Linkedin More Content by Mathilde Augustin
Previous Article
Running Your Customer Success Organization At Peak Efficiency
Running Your Customer Success Organization At Peak Efficiency

There are many things that you can do to help your Customer Operations Organization run at peak efficiencie...

Next Article
How To Write Customer Experience Surveys
How To Write Customer Experience Surveys

The tried and true customer experience survey can get you the information you need most but what should be ...


First Name
Notification Frequency
Boom! You're All Set
Error - something went wrong!