Skip to main content

Falling in love with GDPR

When you consider the implications the General Data Protection Regulation (GDPR) has for companies that operate in the EU or handle EU citizens’ personal data, it’s easy to see why people are uneasy about it. We’ve often discussed how the GDPR’s many new requirements bring plenty of extra work and responsibility for companies, along with huge fines for data breaches and non-compliance. But let’s take a step back and look at the bright side of the GDPR. Yes, there is one! Let us show you why EU citizens should be proud of the GDPR, and how you – like us – can come to appreciate the GDPR and even fall in love with it.

The personal side of GDPR

First, let’s talk about the personal side of GDPR.

As EU citizens, the GDPR brings us greater rights and freedoms. Companies will learn to be much more conscious, transparent, and responsible when processing and handling our personal data.

The GDPR has become the gold standard for data and privacy protection. Its influence has spread around the globe, from South America to Oceana, inspiring new privacy laws that all have the same goal: To protect people’s privacy and freedoms when it comes to their data.

Of course, we all want the world to be a better place, but most of us can’t help but focus on what is nearest to us. So you may say: Yes, that’s great, but how does this affect my company?

Love of GDPR is good for your company

Here are my top 3 reasons for falling in love with the GDPR:

  1. Tidy data is more valuable. Your company has collected loads of data over the years. Now, you actually required to look through it and keep track of where it goes. Companies that take the task serious will find tremendous benefits from this giant clean-up. Revisit data that has been buried and forgotten, get it structured and discover something you can use.
  2. Meeting customer demand for privacy builds your brand. The 2010’s were full of data abuses. Fiascos like Cambridge Analytica and Facebook’s left people with a new appreciation for privacy and responsible companies. Trust is good for business, and you can make more money by following the rules than by breaking them.
  3. Improving your practices saves time and energy long-term. Setting up properly for GDPR compliance means streamlining and simplifying your data processes and use of systems. Use GDPR compliance as an opportunity to make your company more efficient.

Let’s take a closer look at each of these.

1. Tidy data is more valuable

All the personal data that your company has collected over the years is stored somewhere. Do you know where it is? This includes data you’ve collected about customers, employees, partners, and others across all your departments…HR, production, marketing, R&D, sales, etc. To become GDPR compliant, all the data you have –including data collected before the 25th of May –needs to be found and tracked.

This can become either one of the most troublesome processes or the most rewarding one (depending on how you go about it) on your road to becoming GDPR compliant. Let’s be honest, most of our data storage is a mess. Companies use many different locations for archiving documents and a variety of software and applications for managing processes. Add to this the data and attachments stashed in each person’s email folders and any data that has made its way onto personal computers (it happens!).

The GDPR has made organizing and protecting all that data mandatory. This type of data inventory is almost impossible to do manually, as it would take too much time and may still not be accurate. However, with the right tools, you can identify and classify personal data across your systems quickly; making it easy to discover valuable data you can use and eliminate ROT, data that is redundant, obsolete or trivial.

Get rid of data you no longer need and save only what you have a legitimate interest or reason to keep. What will you find when you revisit your data in this deep investigation? Old sales leads? A contract you forgot to follow up on? A subscription you’re still paying for, but not using? Save money by identifying superfluous systems and suppliers.

Convert important data to a structured, machine-readable format, and then use it! You probably spent a significant amount of time – and thereby money – to collect it. Don’t leave it buried in storage. Put it to good use.

A smart data discovery tool can turn the process of tidying up your data from a nightmare into a simple exercise that greatly increases the value of your data.

2. Build your brand by meeting customer demand for privacy

The Cambridge Analytica and Facebook scandal shows exactly why GDPR is such a valuable piece of regulation to protect people’s privacy.

When it was discovered that 87 million Facebook users’ data was collected without their consent by Cambridge Analytica, it meant the end for the British consulting firm (Cambridge Analytica filed for bankruptcy). Litigation against Facebook is ongoing, six years later. It’s safe to say the rest of us do not have the PR or legal resources to keep our companies’ doors open after such a crisis.

People’s privacy is protected by the GDPR and it should be respected. Data breaches can cause real harm to the person whose data is misused or leaked. And the company found responsible for the breach may suffer even more: Enough fines, litigation and loss of reputation to put you out of business.

Instead of burying your head in the sand and hoping you won’t come up on the wrong side of the GDPR, commit to GDPR compliance and show people that you respect your customers’ and employees’ privacy. This is an opportunity to build your brand. People know their rights and they would rather give their money to responsible, data-ethical companies that will protect their privacy.

Create solid data privacy policies, set up for transparency and compliance with smart data management tools, then highlight all of that in your marketing activities, customer materials, and other relevant places. Build your brand by letting people know your company cares about protecting their data and privacy.

3. Improving your practices saves time and energy long-term.

GDPR compliance requires you to assess and evaluate the processes and software you and your employees use to make sure they are adequate to keep data safe. Along the way, you will also discover ways to simplify your processes and become more efficient.

After our own internal review of Safe Online, we discovered that 5 different project management software were being used(!). Reducing the number of different software solutions being used to solve the same problem helped us cut costs, avoid confusion and save time.

Working with fewer systems saves time when introducing new people to your organization. Onboarding is easier, as new employees will learn how to follow procedures within your systems faster.

The simpler, the better. Fewer systems across the organization mean easier GDPR compliance and more efficient workflows.

Want more free data privacy tips?

Get the latest data privacy management news, trends and expert tips delivered straight to your inbox.

    Loving GDPR

    While most of the attention given to the GDPR focuses on its huge fines, why not choose to see it as an opportunity to improve your business from the inside out and build your brand?

    In the end, committing to GDPR is a win-win strategy that benefits both your company and your customers. Customer satisfaction increases because people get their data rights and privacy protected. Your company develops a more data-driven approach and benefits from a long-overdue clean-up while building a great brand. Who knows – you could even start to love GDPR?

    Data discovery is a great place to start. DataMapper is a smart data discovery tool that quickly finds and classifies personal data across all your systems.  Read more about DataMapper → 

    Sebastian Allerelli

    Governance, risk, and compliance specialist