Why GDPR is the reason to use a DMP

By Jelmer Pepping

It isn’t new, since May 2016 it is obtained, and as of May 2018 organizations are accountable for compliance: the GDPR. Numerous blogs are written already, especially to summarize the 156-page document in clear language. The GDPR principles mostly relate to proper documentation and lawful acting. However, for one of the principles technological support is required. You have to provide insight in data which is collected from customers, and have the possibility to adjust, delete or move this data. For many organizations it is difficult because personal data is spread over many different tools. In my opinion a simple solution for this is the use of a data management platform (DMP).

In short: the GDPR

It is only six months until the start of the General Data Protection Regulation (GDPR), which is called Algemene Verordening Gegevensbescherming (AVG) in the Netherlands. Because the previous legislation no longer fits the current digital age, these new regulations are created. Up until May 25th, 2018, organizations have the time to prepare for this legislation. The GDPR can be briefly explained using 8 principles:


1. Legitimacy & Transparency; the person whose data is processed is aware of it, has given permission for it and knows his rights.
2. Target restriction; personal data may only be collected and used for legitimate purposes.
3. Data restriction; only data necessary to achieve the intended purpose may be collected.
4. Accuracy; personal data must be correct, and that should be maintained.
5. Saving restriction; personal data may not be kept longer than necessary for the intended purpose.
6. View-, correction- and removal right, and data portability; personal data must be transparent, adaptable, removable and movable.
7. Security; personal data must be protected against unauthorized access, loss or destruction.
8. Accountability; the one responsible must be able to demonstrate compliance with these rules. In some cases, a Data Protection Officer (DPO) must be appointed.

Fig 1. GDPR principles overview


Why many organisations have a hard time complying the GDPR

I often work with organizations that find it difficult to work with GDPR. Most principles of the GDPR are simple to organize, but the most complicated part for most companies is to view, adjust, delete or move data. Often this is because customer data is spread throughout all systems of a company. From CRM tool to email marketing tool, and from E-commerce platform to ERP systems, personal data is processed everywhere. Because the different tools don’t communicate well, it is quite difficult to show a customer what you know about them. Let alone that you can do it at the moment the consumer wants to change, remove, or move his data.¬†Often, a manual action has to be done in all tools that contain personal data.

Fig 2. Every adjustment must be made manually in every tool that contains personal data.


The solution for GDPR: a data management platform

A Data Management Platform (DMP) has access to all source systems containing personal data. So, a DMP can communicate continuously with all these systems. The moment a customer wants to retrieve, change, delete or move his data, it’s piece of cake for a DMP. Only one signal is sent to the DMP and the platform can easily retrieve and implement it in all source systems. Because this process is fully automated, employees are no longer necessary.

Fig 3. A DMP has insight into all information and can automatically process mutations in all systems.


GDPR: not the only reason to start using a DMP

Of course, the GDPR is not the only reason to work with a Data Management Platform. A DMP allows you to follow your customers through the entire customer journey. In addition, you can create an unique 360-degree customer profile with the help of a DMP. Based on these profiles you can communicate even more specific with your customer. In the ideal situation you want every experience with your company to be personal; not only on website, e-mail, and advertising, but also offline. That way you are relevant to everyone at all time. In addition, you can expand the existing customer database with new customers by targeting lookalikes. So, a DMP allows you to serve your advertising in a more targeted way. This makes it more efficient and therefore cheaper.

Other solutions?

A Data Management Platform is not the only solution and may not fit every organization. Nevertheless, I do think that many companies can use a DMP to easily comply with the new legislation. Of course, there are other solutions and I am curious how you approach it. How do you ensure that you meet the GDPR in May 2018?