The European General Data Protection Regulation (GDPR) — which goes into effect May, 2018 — is one of many new regional regulations aimed at increasing consumer privacy. For organizations preparing to meet these new requirements, a mature, cloud-based Customer Identity and Access Management (CIAM) solution and strategy is the best place to start. Download our data sheet to learn how Gigya’s CIAM platform enables privacy compliance, with features that help manage:
- User consent and control of data
- Data localization
- Social network compliance
- Anti-spam preference management
- Accessibility compliance
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Data Sheet - Managing Consumer Privacy in the Cloud with Gigya
1. DATA SHEET
Cloud technologies continue to explode in popularity. In fact,
“Gartner predicts a 16.0% growth in public cloud services in
2016 with a revenue of $204 billion in 2016.”1
But growing
concerns about consumer privacy are rewriting the rules for
how cloud providers must manage user data, with transparency,
consent and control being the top concerns.
Complex enterprise cloud technology stacks are driving ROI at ever-expanding
rates, by harnessing the power of big data to deliver the personalized customer
experiences that consumers now expect. But, as the old saying goes: “With great
power comes great responsibility.”
It’s now commonplace for a single enterprise stack to tap cloud technologies
operating in multiple time zones and country codes, slinging consumers’ personal
data across the borders of nations that have varying requirements for how that data
must be handled. A host of new data protection and privacy regulations are rolling
out across the globe in the near future, most notably the European General Data
Protection Regulation (GDPR). The GDPR is a
complex regulation and carries the threat
of massive penalties of up to €20,000,000
or 4% of global turnover for non compliance.
So where should your business begin to
address consumer privacy compliance in your
wider digital strategy?
Privacy By Design
The GDPR actually presents an exciting
opportunity to evaluate your strategy around
consumer data, beginning with the principle of
“Privacy by Design” (PbD). For every service
or business process making use of personal
data that you employ — whether on-premise or
cloud-based — the protection of that data must
be taken into consideration. If you’re trusting a
variety of distributed cloud-based point solutions
for marketing, service or sales to safeguard consumer data and keep your business
in legal compliance, you may be taking a big risk. The safer route is to centralize
management of all personal data, to give you maximum visibility and control of where
that data lives and how it is used.
Managing Consumer Privacy in the
Cloud with Gigya
1
Gartner, Forecast Analysis: Public Cloud Services, Worldwide, 1Q16 Update, (May, 2016)
PRIVACY
BY DESIGN
7 Foundational
Principles
Proactive not
Reactive;
Preventative
not Remedial
Privacy as
the Default
Setting
Privacy
Embedded
into Design
Full
Functionality –
Positive-Sum,
not Zero-Sum
Visibility and
Transparency –
Keep it Open
End-to-End
Security – Full
Lifecycle
Protection
Respect for
User Privacy –
Keep it
User-Centric
2. DATA SHEET
Your goal should be to build the transparency into the user experience that
consumers expect and the law demands, while extracting maximum value from the
data that you collect and manage. Gigya enables you to centralize all management
of consumer data in a single, end-to-end solution. Our industry-leading Customer
Identity Management platform is built specifically for managing consumer identity
data. Designed with features that are built according to the central tenets of PbD,
Gigya’s platform acts as the essential customer identity layer across today’s
complex, cloud-driven technology stacks.
Consent Management
Many regional regulations mandate that businesses obtain verifiable
consent from their users when collecting and using their personal
information. Gigya’s flexible SaaS platform offers self-service registration,
login and profile management flows that can be easily customized to
communicate the specific data that will be collected from users and how
it will be used for each context. Privacy notices, terms and conditions,
marketing opt-in/out functions, account preferences, and the all-important
“right to be forgotten” — the ability for users to delete their data at any
point — can all be baked into your strategy by design.
To help you meet proof of consent requirements, Gigya stores current
terms of consent and individual identifiers for each user, so proof is
always at hand. Requirements for the minimum age of consent — which
varies widely by country — are also easily met with our platform.
User Data Control
There are strict new requirements for giving consumers control over
their own data. At any point and for any reason, users must be able
to autonomously export, delete, edit and freeze processing of their
profile information. Gigya’s Profile Management functions ensure that
consumers remain in full control of their data, and make it possible for
your business to store only data that is absolutely necessary to enable
the functionality of relevant applications or services.
Data Localization
Many countries now require that any organization doing digital business
within their borders store and manage associated consumer data there.
Because ours is a purely cloud-based platform, Gigya maintains data
centers in multiple regions, including North America, Europe, Australia,
Russia and China (2017) to ensure that brands can continue to safely
serve their audiences, wherever they are.