Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Fort privacy-gdpr-presentation

94 views

Published on

GDPR and Consent for Marketing

Published in: Marketing
  • Be the first to comment

  • Be the first to like this

Fort privacy-gdpr-presentation

  1. 1. © Fort Privacy Partners 2018 1 THE 10 COMMANDMENTS OF CONSENT GDPR AND CONSENT FOR MARKETING
  2. 2. © Fort Privacy Partners 2018 2
  3. 3. © Fort Privacy Partners 2018 3
  4. 4. © Fort Privacy Partners 2018 4 “Following the data breach in December 2015 Wetherspoon has been reviewing all the data it holds and looking to minimise. “We felt, on balance, that we would rather not hold even email addresses for customers. The less customer information we have, which now is almost none, then the less risk associated with data.”
  5. 5. © Fort Privacy Partners 2018 5 “Following the data breach in December 2015 Wetherspoon has been reviewing all the data it holds and looking to minimise. “We felt, on balance, that we would rather not hold even email addresses for customers. The less customer information we have, which now is almost none, then the less risk associated with data.”
  6. 6. © Fort Privacy Partners 2018 6 Is there any good news for marketing?
  7. 7. © Fort Privacy Partners 2018 7 You must have a legal basis for all data processing
  8. 8. © Fort Privacy Partners 2018 8 You must have a legal basis for processing data Data Subject has given CONSENT Processing is under CONTRACT with the data subject Processing is under a LEGAL OBLIGATION Processing is for the VITAL INTERESTS of the data subject Processing is necessary for a task carried out in the PUBLIC INTEREST or in the exercise of OFFICIAL AUTHORITY Processing is for the LEGITIMATE INTERESTS of the controller
  9. 9. © Fort Privacy Partners 2018 9 CONSENT? LEGITIMATE INTEREST?
  10. 10. © Fort Privacy Partners 2018 10 Consent Legitimate Interest Must be balanced Must be proportional Must be managed May be withdrawn
  11. 11. © Fort Privacy Partners 2018 11 Consent All data processing must have a legal basis Consent is used as legal basis in a number of instances GDPR is raising the bar for consent
  12. 12. © Fort Privacy Partners 2018 12 10 Commandments
  13. 13. © Fort Privacy Partners 2018 13
  14. 14. © Fort Privacy Partners 2018 14 Consumers are increasingly accepting of sharing their personal data Privacy concerns reduce as awareness grows Trust in an organisation is the essential precondition of data sharing Consumers see data as a personal commodity Control is the key consumer ambition DMA Data Privacy Consumer Survey 2015
  15. 15. © Fort Privacy Partners 2018 15 Source: DMA Data Privacy Consumer Survey 2015
  16. 16. © Fort Privacy Partners 2018 16 overall concern with online privacy is 79% DMA Data Privacy Consumer Survey 2015
  17. 17. © Fort Privacy Partners 2018 17 Consent for marketing put customers in control, build customer trust and engagement, enhance your reputation
  18. 18. © Fort Privacy Partners 2018 18 Thank you for shopping with us.
  19. 19. © Fort Privacy Partners 2018 19 Consent for marketing Positive opt- in, no default settings Clear and concise, separate from other terms and conditions At the time of collection
  20. 20. © Fort Privacy Partners 2018 20 “We’ve started emailing receipts as it’s better for the environment. Would you like to give us your email address?” “Are you sure you don’t want your receipt by email as you may lose the paper version?” “We don’t do paper receipts anymore so if you want a receipt you need to give us your email address”
  21. 21. © Fort Privacy Partners 2018 21 How long does consent last? No hard and fast rule. It depends on what would be considered reasonable. Consider: • Scope of the original consent • Reasonable expectations of the individual
  22. 22. © Fort Privacy Partners 2018 22 The right to withdraw consent At any time As easy to withdraw as it was to give Same method wherever possible No penalty Stop processing Include information about right to withdraw
  23. 23. © Fort Privacy Partners 2018 23 E-receipts What is the purpose? Is the purpose communicated clearly? Do you get specific opt-in for marketing? Are your staff trained? Do your staff have quotas to meet? What if the customer objects? What if the customer is a minor? (U16) Do you include a link to opt-out of marketing? Does the e-receipt contain clear information about the marketing opt-in?
  24. 24. © Fort Privacy Partners 2018 24 ePrivacy Regulation 2011 Security Traffic data Location Data Calling Line ID Data Cookies Directories Direct Marketing
  25. 25. © Fort Privacy Partners 2018 25 ePrivacy Regulation 2011 Security Traffic data Location Data Calling Line ID Data Cookies Directories Direct Marketing
  26. 26. © Fort Privacy Partners 2018 26 ePrivacy Regulation 2018(???) Scope • Applies to OTT services Extraterritorial effect • AS GDPR Cookies • New Rules Consent • AS GDPR • No Legitimate Interest grounds OBA • May be Impacted
  27. 27. © Fort Privacy Partners 2018 27

×