Data Creep: Do you know the secret hidey-holes for your data?
Today is international Data Privacy Day, but do you know where your data is at all times? It is your responsibility!
If you collect customer, prospect, or employee data, or give individuals the opportunity to have their say on your website, ensure you track it, react to it, then make a conscious decision to use it or (securely) lose it!
Let us look at some things that you should be aware of to make sure your handling of data is fully compliant.
Insecure Duplication
You have designed a website or application that ticks all the boxes. You have diligently mapped out all response links, marketing funnels and ‘contact us’ fields to ensure your data is fed directly to your CRM or response engine.
However, have you checked to see if a copy of the data is being stored as duplicate campaigns/datasets on the website? There is nothing wrong with using your website as a database management system, assuming you are doing it knowingly and you have appropriate access, security and deletion protocols in place.
At Annertech, when we carry out Data Protection Audits of new client sites, more often than not, we identify campaigns well forgotten by the digital team, sitting in the backend of the site. Now is the perfect time to do a spring clean and carry out a website audit.
Free-form text fields
Another area where data can creep in unnoticed is in your ‘free-form’ text fields. Again, you have carefully mapped and linked your response fields. Then, tagged onto the end of your form, is a casual ‘tell us everything & anything in 250 characters’ text field.
Before you know it, they may have divulged personal data that is not relevant to the information you wanted or expected to capture. Once you know something, it is impossible to un-know.
You potentially have GDPR responsibility in relation to this personal data. The worst part is, when we flag to clients that they have unstructured data sets sitting in the backend of their system, often containing personal information, they explain that this data is not even transferred or accessed due to its unstructured format.
And finally...
Over the last 12 months, everyone has become cookie compliance experts due to the advancements of the ePrivacy directive.
It is essential you understand the need for consent before cookie tracking can be instigated to track a customer journey. Consciously identify the analytics platform you are going to use, request consent, and only then use it once consent is granted. Otherwise, keep it switched it off!
Need help with your data privacy?
Why not schedule a call with our data protection expert, and she can answer any questions you might have about cookies, ePrivacy, and GDPR.
Maeve Dunne Data Protection Officer
Integrating privacy into your business and marketing strategy builds trust and loyalty for your brand. Maeve takes a common-sense approach to data protection regulation and provides clients with independent data protection officer support.