GDPR: The DOs and DON’Ts of Personal Data

Master Data Management Blog by Stibo Systems logo
| 3 minute read
June 13 2018

The 25th of May 2018 has come and gone, and the General Data Protection Regulation (GDPR) is now official. In this blog post we'll share a few insights into what you as a business should—and should not—do, in the wake of the GDPR.

Taking on GDPR

Do view the personal data rights as natural, and free, services to your customers

The rights associated with the GDPR that individuals can now exercise mean that your business is obligated to provide consumers with certain information. You have to give them information about the period and purpose of their data processing. You also have to perform actions on their behalf if required, such as moving data to other organizations, completing or correcting details on customer profiles, and even deleting contacts. And, all of this must be done free of charge for the individual.

Instead of seeing them as inconvenient duties, view these as services you provide to your customers and prospects—services that, so far, differentiate you from non-GDPR-compliant businesses. And, like any other customer service you provide, do it with a smile. 

Do change your business mindset and culture about personal data

By now you (hopefully) have the systems and processes in place that are required by the GDPR. But, there’s still a task that awaits most companies: changing how you and everyone in your organization view your personal data. In fact, the “your” in the last sentence is exactly what needs to change. The personal data that the GDPR was set out to protect is no longer yours. It belongs to the related individual. You’re merely borrowing it to deliver a service or a product, and so need to treat it with the respect it deserves. The change management perspective of this thinking should not be underestimated. So, if you haven’t already started internal campaigns around this, start now. 

Dos and don'ts of the GDPR 

Do think data protection into all business aspects

The GDPR needs to be an integral part of how you do business now. With every new project, initiative and system you launch, you need to put on your "data protection glasses" right from the start. Ask yourself:

  • How are we constantly training our employees to handle personal data?

  • How do we cope with onboarding personal data into our enterprise systems?

  • How are we internally communicating the importance of protecting personal data?

  • How do we cope with personal data in contracts moving forward?

Do keep upping your data protection efforts

Just because your business is GDPR-compliant does not mean that you can lean back and expect all your data issues to be solved, and the affected data kept safe. Data breaches will continue to happen. New regulations will at some point occur as data usage evolves even further. Consumers will develop new expectations above and beyond the GDPR as soon as the protection level required by the GDPR becomes the norm.

So, you might as well prepare for all these things and be proactive instead of reactive. Make sure you have a clear and relevant data breach communication and action plan ready. Keep on educating yourself on the data protection market evolvement, and make sure investment willingness is in place as this is an area that will only continue to gain more importance.

Dos and don'ts of the GDPR

Don’t give up

Although GDPR deadline is past due, far from all companies that need to be are compliant. But, that doesn’t mean they should give up. As we see fines starting to mount, don’t panic; just keep on going and start changing your processes, systems, communication, etc., one step at a time. 

Don’t ignore requests from individuals

The one thing that will put you right in the spotlight of the European Commission is if you fail to deliver on the rights that individuals may exercise towards you. Consumers can formally complain about you if they feel you are failing to protect their personal data. And, if found that you aren’t GDPR-compliant, you risk a fine as big as up to 20 Million Euros or 4% of your annual turnover. So, even if you and your employees are crazy-busy doing other stuff, do not ignore a single personal data request from a consumer. Prioritize the resources it takes to deliver what is asked for, even if it costs you—because, if you don’t, it might end up costing you a lot more. 

jurica-koletic-317423-unsplash-877565-edited-906354-edited 

Don’t be afraid to delete data

The consent aspect of the GDPR is probably where most businesses are hesitant, simply because it can potentially cost them a big chunk of their customer and/or prospect database. Legally, you now have to have action-based, purpose-specific consent to collect and process someone’s data, forcing companies to re-ask their entire database for their consent. Not getting it means that they have to erase the related data, scaring many companies away from doing so. But, it shouldn’t. Instead, view it as a way to clean up your contacts and only keep the ones that actually wish to receive marketing and communication from you. Don’t be afraid to delete data from those not interested. If they’re not even interested in receiving relevant emails from you, chances are they’re not going to buy from you anytime soon.

Don’t let your personal data efforts negatively impact other processes

Just because you have changed your business ways in regard to collecting, processing and storing personal data, you shouldn’t change everything else. Don’t stop sharing data with third parties if that has proven a success for you earlier. Just make sure your partners are GDPR-compliant as well. Don’t give up on trying to create personalized customer experiences because there are limitations to the data you can collect. In fact, try harder. Don’t let the GDPR be a barricade for innovation and creative thinking. Think GDPR into your creative processes, and let it be an enabler, not a barrier.


Topics: 
Master Data Management Blog by Stibo Systems logo

Martin Samuel Nielsen is the Chief Information Security Officer (CISO) at Stibo Systems. Martin, who has worked with information security in some of Northern Europe’s biggest companies, including Vestas and Velux, has a great passion for making data protection and information security an integral part of the daily business processes. He holds several personal information security certifications, such as CISA, ESL, CISSP, CISM and CRISC. Martin is also the leading force behind Stibo Systems’ ISO/IEC 27001:2013 certification, the international standard outlining best practices for information security management.

Discover Blogs by Topic

  • MDM strategy
  • Data governance
  • Customer and party data
  • See more
  • Retail and distribution
  • Manufacturing
  • Data quality
  • Supplier data
  • Product data and PIM
  • AI and machine learning
  • CPG
  • Financial services
  • GDPR
  • Sustainability
  • Location data
  • PDX Syndication

Navigating Change: Engaging Business Users in Successful Change Management

9/20/24

What is Digital Asset Management?

9/11/24

How to Improve Your Data Management

9/3/24

The Future of Master Data Management: Trends in 2023-2025

9/1/24

Digital Transformation in the CPG Industry

8/30/24

5 CPG Industry Trends and Opportunities for 2024-2025

8/29/24

What is the difference between CPG and FMCG?

8/27/24

Responsible AI relies on data governance

8/27/24

6 Features of an Effective Master Data Management Solution

8/15/24

Great Data Minds: The Unsung Heros Behind Effective Data Management

8/13/24

A Data Monetization Strategy - Get More Value from Your Master Data

8/6/24

Introducing the Master Data Management Maturity Model

8/4/24

What is Augmented Data Management? (ADM)

7/31/24

Data Migration to SAP S/4HANA ERP - The Fast and Safe Approach with MDM

7/30/24

Data Governance and Data Protection: A Match Made in Heaven?

7/17/24

The Difference Between Master Data and Metadata

5/26/24

Master Data Management Roles and Responsibilities

5/20/24

8 Best Practices for Customer Master Data Management

5/16/24

What Is Master Data Governance – And Why Do You Need It?

5/12/24

Guide: Deliver flawless rich content experiences with master data governance

4/11/24

Risks of Using LLMs in Your Business – What Does OWASP Have to Say?

4/10/24

Guide: How to comply with industry standards using master data governance

4/9/24

Digital Product Passports - A Data Management Challenge

4/8/24

Guide: Get enterprise data enrichment right with master data governance

4/2/24

Guide: Getting enterprise data modelling right with master data governance

4/2/24

Guide: Improving your data quality with master data governance

4/2/24

Data Governance Trends 2024

1/30/24

NRF 2024 Recap: In the AI era, better data can make all the difference

1/19/24

Building Supply Chain Resilience: Strategies & Examples

12/19/23

How Master Data Management Can Enhance Your ERP Solution

12/14/23

Shedding Light on Climate Accountability and Traceability in Retail

11/29/23

What is Smart Manufacturing and Why Does it Matter?

10/11/23

Future Proof Your Retail Business with Composable Commerce

10/9/23

5 Common Reasons Why Manufacturers Fail at Digital Transformation

10/5/23

How to Digitally Transform a Restaurant Chain

9/29/23

Three Benefits of Moving to Headless Commerce and the Role of a Modern PIM

9/14/23

12 Steps to a Successful Omnichannel and Unified Commerce

7/6/23

CGF Global Summit 2023: Unlock Sustainable Growth With Collaboration and Innovation

7/5/23

Navigating the Current Challenges of Supply Chain Management

6/28/23

Product Data Management during Mergers and Acquisitions

4/6/23

A Complete Master Data Management Glossary

3/14/23

4 Ways to Reduce Ecommerce Returns

3/8/23

Asset Data Governance is Central for Asset Management

3/1/23

4 Common Master Data Management Implementation Styles

2/21/23

How to Leverage Internet of Things with Master Data Management

2/14/23

Manufacturing Trends and Insights in 2023-2025

2/14/23

Sustainability in Retail Needs Governed Data

2/13/23

NRF 2023: Retail Turns to AI and Automation to Increase Efficiencies

1/20/23

5 Key Manufacturing Challenges in 2023

1/16/23

What is a Golden Customer Record in Master Data Management?

1/9/23

Innovation in Retail

1/4/23

Life Cycle Assessment Scoring for Food Products

11/21/22

Retail of the Future

11/14/22

Omnichannel Strategies for Retail

11/7/22

Hyper-Personalized Customer Experiences Need Multidomain MDM

11/5/22

What is Omnichannel Retailing and What is the Role of Data Management?

10/25/22

Most Common ISO Standards in the Manufacturing Industry

10/18/22

How to Get Started with Master Data Management: 5 Steps to Consider

10/17/22

What is Supply Chain Analytics and Why It's Important

10/12/22

What is Data Quality and Why It's Important

10/12/22

An Introductory Guide: What is Data Intelligence?

10/1/22

Revolutionizing Manufacturing: 5 Must-Have SaaS Systems for Success

9/15/22

An Introductory Guide to Supplier Compliance

9/7/22

What is Application Data Management and How Does It Differ From MDM?

8/29/22

Digital Transformation in the Manufacturing Industry

8/25/22

Master Data Management Framework: Get Set for Success

8/17/22

Discover the Value of Your Data: Master Data Management KPIs & Metrics

8/15/22

Supplier Self-Service: Everything You Need to Know

6/15/22

Omnichannel vs. Multichannel: What’s the Difference?

6/14/22

Create a Culture of Data Transparency - Begin with a Solid Foundation

6/10/22

The 5 Biggest Retail Trends for 2023-2025

5/31/22

What is a Location Intelligence?

5/31/22

Omnichannel Customer Experience: The Ultimate Guide

5/30/22

Location Analytics – All You Need to Know

5/26/22

Omnichannel Commerce: Creating a Seamless Shopping Experience

5/24/22

Top 4 Data Management Trends in the Insurance Industry

5/11/22

What is Supply Chain Visibility and Why It's Important

5/1/22

The Ultimate Guide to Data Transparency

4/21/22

How Manufacturers Can Shift to Product-as-a-Service Offerings

4/20/22

How to Check Your Enterprise Data Foundation

4/16/22

An Introductory Guide to Manufacturing Compliance

4/14/22

Multidomain MDM vs. Multiple Domain MDM

3/31/22

Making Master Data Accessible: What is Data as a Service (DaaS)?

3/29/22

How to Build a Successful Data Governance Strategy

3/23/22

What is Unified Commerce? Key Advantages & Best Practices

3/22/22

How to Choose the Right Data Quality Tool?

3/22/22

What is a data domain? Meaning & examples

3/21/22

6 Best Practices for Data Governance

3/17/22

5 Advantages of a Master Data Management System

3/16/22

A Unified Customer View: What Is It and Why You Need It

3/9/22

Supply Chain Challenges in the CPG Industry

2/24/22

The Best Data Governance Tools You Need to Know About

2/17/22

Top 5 Most Common Data Quality Issues

2/14/22

What Is Synthetic Data and Why It Needs Master Data Management

2/10/22

What is Cloud Master Data Management?

2/8/22

How to Implement Data Governance

2/7/22

Build vs. Buy Master Data Management Software

1/28/22

Why is Data Governance Important?

1/27/22

Five Reasons Your Data Governance Initiative Could Fail

1/24/22

How to Turn Your Data Silos Into Zones of Insight

1/21/22

How to Improve Supplier Experience Management

1/16/22

​​How to Improve Supplier Onboarding

1/16/22

How to Enable a Single Source of Truth with Master Data Management

1/13/22

What is a Data Quality Framework?

1/11/22

How to Measure the ROI of Master Data Management

1/11/22

What is Manufacturing-as-a-Service (MaaS)?

1/7/22

The Ultimate Guide to Building a Data Governance Framework

1/4/22

Master Data Management Tools - and Why You Need Them

12/20/21

The Dynamic Duo of Data Security and Data Governance

12/20/21

How to Choose the Right Supplier Management Solution

12/20/21

How Data Transparency Enables Sustainable Retailing

12/6/21

What is Supplier Performance Management?

12/1/21

What is Party Data? All You Need to Know About Party Data Management

11/28/21

What is Data Compliance? An Introductory Guide

11/18/21

How to Create a Marketing Center of Excellence

11/14/21

The Complete Guide: How to Get a 360° Customer View

11/7/21

How Location Data Adds Value to Master Data Projects

10/29/21

How Marketers Should Prepare for the 2023 Holiday Shopping Season

10/26/21

What is Supplier Lifecycle Management?

10/19/21

What is a Data Mesh? A Simple Introduction

10/15/21

How to Build a Master Data Management Strategy

9/26/21

10 Signs You Need a Master Data Management Platform

9/2/21

What Vendor Data Is and Why It Matters to Manufacturers

8/31/21

3 Reasons High-Quality Supplier Data Can Benefit Any Organization

8/25/21

4 Trends in the Automotive Industry

8/11/21

What is Reference Data and Reference Data Management?

8/9/21

What Obstacles Are Impacting the Global Retail Recovery?

8/2/21

GDPR as a Catalyst for Effective Data Governance

7/25/21

All You Need to Know About Supplier Information Management

7/21/21

5 Tips for Driving a Centralized Data Management Strategy

7/3/21

Welcome to the Decade of Transparency

5/26/21

How to Become a Customer-Obsessed Brand

5/12/21

How to Create a Master Data Management Roadmap in Five Steps

4/27/21

What is a Data Catalog? Definition and Benefits

4/13/21

How to Improve the Retail Customer Experience with Data Management

4/8/21

How to Choose the Right Master Data Management Solution

3/29/21

Business Intelligence and Analytics: What's the Difference?

3/25/21

Spending too much on Big Data? Try Small Data and MDM

3/24/21

What is a Data Lake? Everything You Need to Know

3/21/21

How to Extract More Value from Your Data

3/17/21

Are you making decisions based on bad HCO/HCP information?

2/24/21

Why Master Data Cleansing is Important to CPG Brands

1/20/21

CRM 2.0 – It All Starts With Master Data Management

12/19/20

5 Trends in Telecom that Rely on Transparency of Master Data

12/15/20

10 Data Management Trends in Financial Services

11/19/20

Seasonal Marketing Campaigns: What Is It and Why Is It Important?

11/8/20

What Is a Data Fabric and Why Do You Need It?

10/29/20

Transparent Product Information in Pharmaceutical Manufacturing

10/14/20

How to Improve Back-End Systems Using Master Data Management

9/19/20

8 Benefits of Transparent Product Information for Medical Devices

9/1/20

How Retailers Can Increase Online Sales in 2023

8/23/20

Master Data Management (MDM) & Big Data

8/14/20

Key Benefits of Knowing Your Customers

8/9/20

Women in Master Data: Kelly Amavisca, Ferguson

8/5/20

Customer Data in Corporate Banking Reveal New Opportunities

7/21/20

How to Analyze Customer Data With Customer Master Data Management

7/21/20

How to Improve Your 2023 Black Friday Sales in 5 Steps

7/18/20

4 Ways Product Information Management (PIM) Improves the Customer Experience

7/18/20

How to Estimate the ROI of Your Customer Data

7/1/20

Women in Master Data: Rebecca Chamberlain, M&S

6/24/20

How to Personalise Insurance Solutions with MDM

6/17/20

How to Democratize Your Data

6/3/20

How to Get Buy-In for a Master Data Management Solution

5/25/20

How CPG Brands Manage the Impact of Covid-19 in a Post-Pandemic World

5/18/20

5 Steps to Improve Your Data Syndication

5/7/20

Marketing Data Quality: Why Is It Important and How to Get Started

3/26/20

Panic Buying: Navigating Long-term Implications and Uncertainty

3/24/20

Women in Master Data: Ditte Brix, IMPACT

2/20/20

Get More Value From Your CRM With Customer Master Data Management

2/17/20

Women in Master Data: Nagashree Devadas, Stibo Systems

2/4/20

How to Create Direct-to-Consumer (D2C) Success for CPG Brands

1/3/20

Women in Master Data: Anna Schéle, Ahlsell

10/25/19

Women in Master Data: Morgan Lawrence, Infoverity

9/26/19

Women in Master Data: Sara Friberg, Acando (Part of CGI)

9/13/19

Improving Product Setup Processes Enhances Superior Experiences

8/21/19

How to Improve Your Product's Time to Market With PDX Syndication

7/18/19

8 Tips For Pricing Automation In The Aftermarket

6/1/19

How to Drive Innovation With Master Data Management

3/15/19

Discover PDX Syndication to Launch New Products with Speed

2/27/19

How to Benefit from Product Data Management

2/20/19

What is a Product Backlog and How to Avoid It

2/13/19

How to Get Rid of Customer Duplicates

2/7/19

4 Types of IT Systems That Should Be Sunsetted

1/3/19

How to Use Customer Data Modeling

11/15/18

How to Reduce Time-to-Market with Master Data Management

10/28/18

How to Start Taking Advantage of Your Data

9/12/18

6 Signs You Have a Potential GDPR Problem

8/16/18

GDPR: The DOs and DON’Ts of Personal Data

6/13/18

How Master Data Management Supports Data Security

6/7/18

Frequently Asked Questions (FAQ) About the GDPR

5/30/18

Understanding the Role of a Chief Data Officer

4/26/18

3 Steps: How to Plan, Execute and Evaluate Any IoT Initiative

2/20/18

How to Benefit From Customer-Centric Data Management

9/7/17

3 Ways to Faster Innovation with Multidomain Master Data Management

6/7/17

Product Information Management Trends to Consider

5/25/17

4 Major GDPR Challenges and How to Solve Them

5/12/17

How to Prepare for GDPR in Five Steps

2/21/17

How Data Can Help Fight Counterfeit Pharmaceuticals

1/24/17

Create the Best Customer Experience with a Customer Data Platform

1/11/17