The document outlines seven essential steps for marketers to achieve GDPR compliance, emphasizing the importance of data analysis, processing agreements, and individual consent. It highlights the need for a data protection officer and proper management of personal data, including processes for data breaches and individual rights. Additionally, it mentions Mapp's capabilities in supporting GDPR compliance through clear data mapping, personalized agreements, and a dedicated privacy and security team.

1. GDPR for Marketers
7 simple steps to GDPR compliance
Transparency
Do you interact with or process
data in your business?
Analyze the type of data processed within
your company. You should consider the
different types of data, is it customer data or
employment data? Determine if you are using
a sub-processer or if your data is stored in a
country outside the EU.
Processing
Do you have a Data Processing
Agreement in place for all third parties
processing your data?
Review which sub-processors you are using and if
you have a Data Processing Agreement in place. If
not, you need to obtain a DPA before May 2018.
Data Protection Officer
Do you need to appoint a Data
Protection Officer?
The Data Processing Officer assumes an
important role within your company and should
supervise all data processes. The Data
Processing Officer will need to implement large
scale monitoring of individuals / special
categories of data.
Permission
Do you have the individual’s consent to
process their data? Does a legitimate
interest exist?
For advertisement purposes you will usually
need the data subject’s consent to process
their personal data. Record the language and
the process to obtaining consent.
Responsibility
What is your purpose of processing
personal data? What is your risk factor?
Create and maintain records of all data
processing activities for Audit purposes.
Capture categories of data subjects, transfer
to countries outside the EU, time limits and a
general description of the technical and
organisational security measures.
Data Breaches
Do you have a process in place to inform
the Data Protection Authority if there is a
leak in personal data?
Set an action plan in case of a data leak. Data
leaks should be noticed as early as possible and
reported to the Data Protection Authority.
Rights of the Individual
Do you have personal data management
processes in place?
Consider how you store customer data. You
should be able to retrieve all data associated
with a certain person with minimum effort from
your IT system, and delete if requested.
1
2
5
3
6
7
4

2. Data Breaches
Mapp protects all systems with high-end
security systems and is able to react
immediately in case of an emergency.
Mapp’s
GDPR Guide
Supporting you on the way to
GDPR compliance
Transparency
Mapp has a clear Data Mapping and a
transparent data process. We have the
ability to apply geographical restrictions
in data processes within the EU.
Rights of the Individual
Mapp can easily match data to a person.
This functionality allows you to view
personal data, export and delete as
requested.
Responsibility
Mapp has a dedicated Privacy and Security
Team that support our customers in
assessing risk factors and circumstances
of data processing.
Permission
Mapp’s software can obtain and archive
the users content.
Processing
Mapp offers personalized Data Processing
Agreements to allow Mapp’s customers to
be compliant with GDPR.
Data Protection Officer
Mapp’s Privacy and Security Team can
liaise with our customers’ Data Processing
Officer to offer the most professional and
best support possible.
1
4
2
5
3
6
7