The Challenge
GDPR, CCPA, CASL, and now LGPD— data privacy and compliance legislation are our new marketing reality. However, most organizations have little time to learn the intricacies of the various regulations, nor do they have a clear picture of how close their current lead database, forms, subscription center, and data management practices are to compliance requirements, let alone how to structure processes and systems for ongoing compliance.
What about cookie laws, data processing and enrichment, not to mention the right to be forgotten? With so many moving pieces, understanding an organization’s GDPR readiness (or readiness for any privacy legislation, for that matter) is a complex process.
The reality for most marketers is keeping up with privacy regulations is not part of your “day job.” With marketing and operational goals to hit, a staff that’s already stretched thin...how does an organization navigate the complexities of GDPR, CCPA, LGPD and CASL?
With no real strategy in place and pressure to quickly become compliant, a consulting firm was scrambling and needed help— they contacted the marketing operations experts at MERGE for assistance.
The Solution
Over the span of 18 days, MERGE's compliance team identified the client's GDPR readiness by analyzing every area of the client’s marketing operations— including governance, assets, the database, the subscription center and data management programs— identifying and prioritizing areas of potential concern and providing an estimate on the speed with which the issues in a specific area could be rectified.
The Results
MERGE summarized their key findings and recommendations in a comprehensive report of GDPR readiness, giving this client concrete recommendations for implementing operational changes that would align with GDPR compliance. Additionally, the client was given tools and resources that would help them with their implementation processes, by offering ready-to-use examples of “approved” language to use in GDPR-compliant policies.
The client also received:
- Guidance on employing a data preference center with data rights timestamping, and outlined new best practices for handling opt-in cookie consent.
- A detailed report of systems implications across the entire organization, providing a big picture view of system health, key findings and recommendations.
- Compliance analysis and identification of the number of records currently in the database that would not be up to GDPR standards, along with a recommended opt-in campaign to help bring viable leads over, without risking compliance issues.
Ensuring that your data and processes are GDPR, CCPA, LGPD, and CASL compliant can feel overwhelming or even insurmountable—especially when you still have revenue goals to meet, campaigns to execute and marketing operations to run. Take smart steps to keep your data and your company safe. Talk to our team of Marketo experts now.