The GDPR (General Data Protection Regulation) has been the hottest topic these last months in the digital world. Complying with these new regulations might be seen as an ordeal since it will come into effect on May 25th . Directly linked to web users’ data, this regulation will have major impacts on digital customer care. Find out in this article how Dimelo can help you navigate this new challenge.
What is the GDPR ?
The confidentiality of personal data has become one of the main preoccupations for companies who want to answer their customers’ expectations. Indeed, according to a study published by Pega who polled 7 000 people, 93% of french consumers want to be able to decide directly the ways their data is used.
The GDPR, voted by the European Parliament in April 2016 , adheres to the direction set by the 1978 Data Protection Act. This new legislation aims to protect and regulate how personal data is processed in the European Union. All companies regardless of their geographic location, who collect and process european citizens’ data are subject to the GDPR.
What are the GDPR’s main goals?
The GDPR was designed to:
-
Protect the personal data of european citizens
-
Hold accountable companies who collect or handle data, especially subcontractors who previously were not affected under the 1978 Data Protection Act.
-
Standardize the legal framework concerning the protection of data with regulation that can be enforced in all the EU states.
In the case where a company refuses to comply with this legislation, they can be subject to a fine of 2 to 4 % of their total revenue. And, for more serious infringements, they could be sentenced to pay a fine of up to 20 million euros.
GDPR: a revolution of the current legislation ?
In answer to the Cambridge Analytica scandals, data protection has increasingly become a main concern for companies. GDPR brings many changes to the current legislation such as:
- Establishing the right to erasure: any person has the right to ask that their data be given back to them or deleted.
- Defining the legal precedences necessary to processing personal data such as consent from the person concerned and proof of a legitimate benefit to processing.
- Protecting citizens from profiling which relies on customers’ data to determine profiles of spending or consumption behaviours.
- Requirements to establish appropriate measures, from the system’s conception in order to downgrade, protect and secure data handling
- Appointment, under certain conditions, of a Data Protection Officer in charge of checking the organization’s compliance to the RGPD.
Data confidentiality: our priority for more than 10 years
Since the beginnings of Dimelo, security is at the heart of our products and services. Our solution integrates features that give companies the ability to handle their digital customer care and any other involved data safely. This also includes providing a complete audit log, filtering sensitive information, and the possibility of configuring a SSO system.
This also means we select technical partners that answer to the highest standards of security and host our data in Europe. These imperatives guarantee the highest level of security in our infrastructure.
By providing companies with a solution for their customer care management, Dimelo is concerned by the requirements of the GDPR for subcontractors in terms of security, confidentiality, and documenting our activity.
In this sense, Dimelo abides by the GDPR regulation through the following measures:
- Appointing a Data Protection Officer in charge of checking our company’s compliance to the RGPD.
- Attention given to not using or storing more personal data than needed to deliver our services.
- Implementing several technical security measures to ensure the availability, integrity, confidentiality, and traceability of all uses of personal data.
- Granting, in Dimelo Digital, a modifiable period of data storage. By default, this period is determined over the course of 2 years.
- Access guarantee, for clients and prospects, to their personal data and the right to modify their information. The person concerned can also ask the DPO to export or even erase his information as soon as May 25th 2018.
- Implementing a specific process in case of a personal data breach.
- Internal checks to protect the way personal data is handled. Moreover, an external security audit is conducted in average once a month.
The GDPR coming into effect shows that the issue of confidentiality of personal data is becoming a major stake for businesses. This concern has always been at the heart of Dimelo’s services and products and we have implemented all the necessary measures to conform to the latest legislation. By working with Dimelo, businesses have the guarantee that our solution complies with the new requirements in terms of customer data handling. This way, they are able to focus on expanding and monitoring their customer experience strategy, to be prepared where their customers expect them.
Originally published May 18, 2018, updated Dec 30, 2022