Convert’s GDPR Compliance Journey: The Prep to May 25th (And How You Can Still Get on the Right Side of GDPR)

July 10, 2019 –

Here is a quick infographic because you told me no one reads text anymore. 🙂

Because it is never too late to Get-Down-with-GDPR!
Plus, we also put together 11 powerful steps – basically the gist of the most important action items we executed – that can still point your compliance in the right direction.
A: (Dionysia). Of course.
And I can definitely say that the hard work, and diligence that went into embracing the General Data Protection Regulation has paid off for us as a brand and a company.
PS: I fully believe GDPR is going to become a verb like “google” in the recent future. So when you get GDPRd… you basically are hit over the head with something inconvenient, which could have been avoided.

A: I have narrowed down the almost 1000 hours we invested in the GDPR project to 11 essential steps that should not be avoided.
I was not around when the GDPR frenzy peaked.
GDPR gave us the opportunity to holistically reassess these policies – for all our data, not just personal data. This was a valuable undertaking and a way to gain business benefits from an expensive and extensive legal compliance project.
Enjoy the Q and A.

Q: What is the biggest gift GDPR has given us?

Personal data protection is now a data strategy issue. To comply, we needed to have solid data management and data governance policies in place.

Don’t get GDPRd!!

Q: Was there a particular area that was reviewed in the prep to GDPR which in your opinion was overdue for Convert?

But I have heard stories – hilarious and stressful – of the scramble to put together re-permissioning drives which would not make our customers tear their hair out, and the long sprints of revamps on our app to incorporate the “privacy by design” vision we had for Convert Experiences.
A: (Dionysia). I would not say overdue… but data strategy was something I personally took a lot of satisfaction in rehauling.
Is it stressful to continuously be on the forefront of something as sensitive and subjective as privacy – YES. But it is worth the input.

Q: You talk about actual savings from the GDPR! Could you touch on how that came about?

GDPR and transparency has become an essential aspect of the narrative that influences optimizers to choose us, over competitors.
With GDPR, data became more consolidated and accurate. Redundant, Obsolete, Trivial Data is now promptly eliminated. Additionally, given the requirement to receive explicit consent before use, and the need to delete data after the retention time is up or purpose is met, we regularly save money with our cloud providers.
I have seen very few voices talk about regulations as an opportunity. But Dionysia Kontotasiou – the Head of Privacy at Convert – has always held the belief that cleaner data, more consent focused campaigns and ultimately processing what is needed and not bombarding prospect inboxes is not just the ethical high road, but also a wise business decision.

Q: What is your advice for the businesses out there on the journey to privacy compliance?

Another side of accurate data maintenance and customer consent was the opportunity to reduce IT costs further by retiring any legacy data software and/or applications that are no longer relevant nor compliant.
So now a full year and month after the GDPR tidal wave broke, I interviewed Dionysia about the impact of the change on us (and on the optimization landscape in general).

A: (Dionysia) – Getting privacy right is a competitive advantage. We’re more likely to trust a service provider who values our privacy (beyond mere legal compliance) and is transparent about how our data is used. The GDPR requirements opened the door for us to review policies about what we tell customers regarding how their data is collected and processed. This transparency led to deeper trust and more loyal customers. We are very glad to see Convert being mentioned alongside GDPR on forums, and on tool round-ups.