What steps should brands consider to become GDPR ready?
We suggest these 5 steps to get started with GDPR-readiness.
1. Inventory your digital properties, including mobile apps and websites, to assess which cookies, tags, or other data are necessary.
2. Map your consumer’s journey and tell your privacy story through meaningful notices and choices.
3. Develop a consent management strategy with an eye towards the consumer experience.
4. Determine how you will authenticate user identity to address data subject requests.
5. Identify and capitalize on existing processes to help respond to data subject requests.
My business is headquartered outside of Europe, does GDPR apply to us?
Potentially. If you market products or services to individuals in the EU and you collect personal data, then GDPR may impact your business. GDPR is not only applicable to companies based in Europe. GDPR could apply to any company, even those located outside of Europe, if it offers goods and services or markets to individuals in the EU.
What is the role of Adobe as a data processor?
As a data processor, Adobe provides software and services to an enterprise, like yours, for the personal data you ask us to process and store. We only process personal data in accordance with your company’s instructions as set out in your agreement with us. If your consumers’ data is in an Adobe solution and you need our assistance with any individual consumer requests, we will partner with you through processes, products, services, and tools to help you respond.
Do marketers need to get all new consents for their marketing database?
GDPR changes how brands obtain consent and may require some consents to be refreshed or updated. For instance, if a brand’s current consent practices meet or exceed the obligations outlined by GDPR then no changes to consent may be needed. However, if a brand’s consent practices fall short of the enhanced obligations, then those consents should be reevaluated and modernized.