We are all avidly following the Facebook data privacy scandal and in the wake of calls to #DeleteFacebook and with GDPR looming on us, companies need to embrace data and privacy legislation. Connecting your external systems to surface data to allow individuals to access data stored on them is a critical part of this.
In previous blogs, we have suggested that companies create “Corporate Data Responsibility” (CDR) policies in line with their Corporate Social Responsibility (CSR) which, at a minimum would avoid similar scandals to the ‘Facebook’ scandal but at best will build customer trust and enhance your brand.
As part of your CDR strategy, GDPR introduces a series of rights which empower individuals to "own" their own PII. We can call them a CDR 'Bill of Rights'.
These include, among others, giving individuals:
All in all, your systems must be able to instantly identify and surface any PII you have on demand. But the big question is: how can you allow for this without huge amounts of effort?
Sitecore XP 9 including privacy by design on your site
Sitecore's White Paper on Sitecore XP 9 and GDPR runs through the many 'privacy by design' functionalities of Sitecore XP 9 which meet each of these (and more) CDR Rights in turn.
Notable features in Sitecore XP 9 include the Sitecore xConnect's API "GetContactAsync" which allows you to retrieve a full contact profile for a given contact; including all known data and historical behaviour, offering you easy and accessible information to recall to your visitors when requested.
The same feature allows your visitors to "ExecuteTheRightToBeForgotten". This functionality irreversibly anonymises PII, again keeping you in line with GDPR.
So Sitecore XP 9 addresses the CDR Bill of Rights when it comes to your site. But what about PII you have stored on your CRM and EXM databases? Ideally, you want to extend the Sitecore XP 9 privacy by design functionalities to sync up with all customer PII you have stored, wherever it may be, and this is how Nemetos can help.
CDR surfacing solution
Here at Nemetos, we can help you to develop an integrated CDR solution for surfacing PII. Our teams have experience in building customised web interfaces for your specific CRM and EXM databases and Sitecore. This would mean that customers could access their own profiles on your CRM database from your site directly. They could then take ownership of their own PII, amending and managing their preferences as they see fit so that each customer profile becomes its own 'preference centre' rather than black and white opt outs.
Most importantly, our applications are 'tried and tested' at respecting the CDR preferences selected by each customer exercising their newfound data rights, winning trust and creating a serious competitive advantage for you.
#CorporateDataResponsibility, #CDR, #GDPRcountdown
Practical steps to ensure your website is compliant.
Date: Wednesday 9th May 2018
Time: 10:00-10:45am GMT