Chief Revenue Officer, brief guide for the GDPR, Datastreams

The GDPR: a brief guide for the Chief Revenue Officer

May 25th, 2018; the date the GDPR goes into effect. There is certainly plenty of information on the internet about what the GDPR is and what it requires from businesses. However, the impact the GDPR will have on your daily life might not be as apparent. In a series of blogs, we discuss the impact the GDPR will have on you and the changes you will have to make to continue working effectively under the new regulation. This time, we discuss some important GDPR guidelines for the Chief Revenue Officer.

Strike a balance

As Chief Revenue Officer, you are likely used to performing a balancing act: balancing marketing versus sales or direct conversions versus long-term content strategies. The GDPR will bring an extra challenge: striking a balance between GDPR demands and financial results. As your Data Protection Officer is not concerned with the financial impacts of GDPR-guidelines, you might find yourself at odds with him or her at times. Working together with your DPO to comply with the GDPR while still being able to perform valuable analytics, is crucial.

Break down silos

An issue in companies that is growing in magnitude as the GDPR approaches, is the silos that might still be present in your company. As Chief Revenue Officer is it vital you break down silos in your company to allow marketing, sales and customer relations to work together towards a single goal. Open communication with the data protection officer and even the IT department is also growing in importance, as clarity on where data is processed for with purpose is vital for complying with the GDPR.

Continue to be data driven

The best Chief Revenue Officers are data-driven, and this will not change under the GDPR. Collecting omnichannel customer data and using it to proactively address customer issues, is still one of the most effective ways of ensuring more (and more predictable) revenue. While collecting customer data will be more difficult under the GDPR, doing it will be more important than ever to identify market opportunities.

For the data-driven revenue officer, the GDPR might actually turn out to be a blessing in disguise. The GDPR will force many companies to adopt a more structured approach towards gathering and processing data. Companies will likely turn to data management platforms and the like to map and manage the data they collect. A smart CRO will be able to use this data management platform, along with other technologies, to collect and process a wide variety of data in a more comprehensive way. Work together with your data protection officer and higher management to ensure you can reap the benefits from any new technology that is being brought in. In other words…

Use the right tools for the job

The ideal data management tool does not only ensure GDPR-compliant processing, but also provides you with constant access to comprehensive, complete, quality data. Our Data Stream Manager has been developed not only with the GDPR in mind, but also with a dedication to ensuring quality data across the company. Whether you are interested in optimising conversion rates or analysing customer behaviour, the Data Stream Manager enables you to perform analytics on complete, integrated datasets. This way, we aim to help you improve your current revenue and discover valuable new business opportunities in a GDPR-compliant way.

Combining Consent Management and the DPO Controller Portal

Combining the DPO Controller Portal with Consent Management

The General Data Protection Regulation (GDPR) influences all organisations that do business within the European Union or processes any kind of personal data that belong to European citizens. Complying with the GDPR rules should not be underestimated, as it takes a lot of time and effort from all each department within an organisation. The complexity has to do with, among other things, the differences between the preferences, processes and permissions of all departments. But taking the next steps is necessary to prevent any type of fines and – even more important – to preserve customers trust.

The marketing department
The risk for the marketing department concerns the complexity of the data they collect and that it might be used for purposes a user didn’t approve. The cookie request for overall marketing purposes that is used by most companies at the moment does not meet the requirements of the regulation. The GDPR provides a much-needed, updated definition of consent, defining it as:  “Any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.”. This means companies need to specify their requirements and the marketing department can only use the collected data for that purpose.

The right of the users
Before an organisation can collect any kind of information about a visitor, they need to ask for consent. And as the GDPR states, each individual has the right to change their preferred setting at any time. Organisations should adapt to this feature by implementing privacy by design principles in their processes. One of biggest concerns is that there are a lot of companies that use Google Analytics (GA). GA will gather the data of the users before they can decline anything and the result is that a company is not compliant – before the regulatory authorities even checks their other processes. With a solution such as our consent manager, individuals can change their preferred settings at any time. This way the user does not only think they have control over their settings, they actually do. Every time an individual uses the consent manager, it will change instantly.

The influence of the DPO
According to the GDPR, many companies require assigning a DPO along with their name and contact details. The most important role of the DPO is managing the data streams that take place within the company and control the data agreements with third parties. When there is the need for a new connection between a data source (of any kind) and a destination, it needs to be requested to the DPO of the organisation. Firstly, the DPO checks the purpose and estimates whether this is legally permitted. After that, the DPO informs the requester if the data stream is approved or not. The Datastream portal makes it possible for the DPO to control all the data streams that exist within a company and its trusted parties. It also shows the DPO insights of which data is collected, what settings the user chose and for what purposes the user gave opt-in.

The complexity of technology
Luckily Datastreams.io understands the complexity of technology and that it might be difficult for companies to comply data streams between systems and with the different roles of sources and destinations. Not only might the complexity of technology be a burden, but to adapt to the GDPR in all processes, it demands a lot of effort from the IT department. This is why Datastreams.io provides a GDPR compliant solution that only requires a Single Line Of Code, the SLOC. It is not designed to replace any kind of technology or tool an organisation currently has, but it is meant to provide the controller portal for the DPO and to provide secure, privacy by design transport between internal and external systems. Why not start today?