I was not around when the GDPR frenzy peaked.
But I have heard stories – hilarious and
stressful – of the scramble to put together re-permissioning drives which would
not make our customers tear their hair out, and the long sprints of revamps on
our app to incorporate the “privacy by design” vision we had for Convert
Experiences.
And I can definitely say that the hard work,
and diligence that went into embracing the General Data Protection Regulation
has paid off for us as a brand and a company.
I have seen very few voices talk about regulations as an opportunity. But Dionysia Kontotasiou – the Head of Privacy at Convert – has always held the belief that cleaner data, more consent focused campaigns and ultimately processing what is needed and not bombarding prospect inboxes is not just the ethical high road, but also a wise business decision.
So now a full year and month after the GDPR
tidal wave broke, I interviewed Dionysia about the impact of the change on us
(and on the optimization landscape in general).
Plus, we also put together 11 powerful steps –
basically the gist of the most important action items we executed – that can
still point your compliance in the right direction.
Because it is never too late to
Get-Down-with-GDPR!
PS: I fully believe GDPR is going to become a
verb like “google” in the recent future. So when you get GDPRd… you basically
are hit over the head with something inconvenient, which could have been
avoided.
Don’t get GDPRd!!
Enjoy the Q and A.
Q: What is the biggest gift GDPR has given us?
A: (Dionysia) – Getting privacy right is a competitive advantage. We’re
more likely to trust a service provider who values our privacy (beyond mere
legal compliance) and is transparent about how our data is used. The GDPR
requirements opened the door for us to review policies about what we tell
customers regarding how their data is collected and processed. This
transparency led to deeper trust and more loyal customers. We are very glad to
see Convert being mentioned alongside GDPR on forums, and on tool round-ups.
GDPR and transparency has become an essential
aspect of the narrative that influences optimizers to choose us, over
competitors.
Is it stressful to continuously be on the forefront of something as sensitive and subjective as privacy – YES. But it is worth the input.
Q: Was there a particular area that was reviewed in the prep to GDPR which in your opinion was overdue for Convert?
A: (Dionysia). I would not say overdue… but data strategy was something I
personally took a lot of satisfaction in rehauling.
Personal data protection is now a data
strategy issue. To comply, we needed to have solid data management and data
governance policies in place.
GDPR gave us the opportunity to holistically reassess these policies – for all our data, not just personal data. This was a valuable undertaking and a way to gain business benefits from an expensive and extensive legal compliance project.
Q: You talk about actual savings from the GDPR! Could you touch on how that came about?
A: (Dionysia). Of course.
With GDPR, data became more consolidated and
accurate. Redundant, Obsolete, Trivial Data is now promptly eliminated.
Additionally, given the requirement to receive explicit consent before use, and
the need to delete data after the retention time is up or purpose is met, we
regularly save money with our cloud providers.
Another side of accurate data maintenance and customer consent was the opportunity to reduce IT costs further by retiring any legacy data software and/or applications that are no longer relevant nor compliant.
Q: What is your advice for the businesses out there on the journey to privacy compliance?
A: I have narrowed down the almost 1000 hours we invested in the GDPR
project to 11 essential steps that should not be avoided.
Here is a quick infographic because you told me no one reads text anymore. 🙂
