What is GDPR?

The General Data Protection Regulation (GDPR) came into effect on 25th May 2018. It replaces the current Data Protection Act and introduces substantial changes to how companies are allowed to collect and handle personal information. The regulations affect all organizations doing business with and in the EU.

To be compliant with GDPR, organizations must:

Gain specific consent from visitors in order to collect and use their personal information

On request, show visitors what data you collect, how you use it, how long you will keep it

Delete all data about a visitor on request

How does BloomReach support your GDPR strategy?

At BloomReach we have adopted Privacy by Design, an approach that puts privacy and compliance principles at the core of our product.

Our products have a number of out-of-the-box features to support your GDPR strategy:
 

GDPR Requirement

 

BloomReach Feature

 

Details

Acquire customer’s specific consent to collect and use customer data (Article 5)

 

Consent cookie

 

Implement a customized consent cookie pop-up to provide transparent opt-in options for tracking and data collection

Serving personal data to visitors on request (Article 15)

 

Public REST API

 

When requested, display to the visitor their data that has been collected, how it is being used, and how long it will be kept in the database

The right to be forgotten (Article 17)

 

Public REST API

 

Delete all data about a visitor on request

Personal data cannot be attributed to a specific person without the use of additional information (Highly Encouraged, Article 4)

 

Pseudonymization

 

Separate personal data from direct identifiers stored on the visitor’s client to maintain personal privacy

Request a demo

Thank you

We'll be in touch shortly to discuss how we can help your business.

Note: This page does not constitute legal advice or guidance.