NOTE: To watch the video of the complete event, please check AMDIA´s youtube channel: here. Gabriela Szlak’s presentation can be found from 3:23:15. To download Gabriela Szlak’s presentation (PDF) click here.
In the event, which focused on how to achieve success with email and automation marketing strategies and best practices, Gabriela Szlak, partner at Lerman & Szlak, had the challenging task to present briefly an overview on Data Protection and GDPR, focusing on email marketing, and considering user´s rights and companies’ obligations under the new regulation, in Argentina and in the region.
In a context in which users feel they do not have control over their data nor over protecting their privacy when sharing personal information online, be it by filing a form or by registering on an app and in which companies consider data a business asset, these regulation, valid since the 25th of May 2018, comes to elevate the standards for the protection of privacy in favor of consumers and to increase the regulatory load for the companies that process users data.
Even though complying with GDPR is challenging for companies, it is also an opportunity to bring more transparency to users and to build trust.
The event took place last Wednesday the 25th of September at the Four Seasons Hotel in Buenos Aires. More info: http://www.emailsummit.org
Gabriela provided a TO DO List that to comply with GDPR:
When interacting with Users:
- Consent (opt in): adequate it to the new regulation and document it.
- Establish Protocols: to assure the rights of users such as the right to actualize their data, the right to portability, etc.
At your Company :
- Data Protection Officer (DPO): Designate one when the regulation requires it from your company. If not required, consider designating an internal responsible person or hiring external services.
- Accountability: Keep track all activities related to Personal Data.
- Privacy by Design: implement privacy by design with the assistance of adequate legal and technical advisors.
- Privacy Impact Assessment (PIA): for cases in which you treat data at a great scale, etc.
- Training and continuous improvement of processes: Implement protocols for employees and for press and communications. For instance, to be able to notify incidents. Implement technical and security measures.
When interacting with Providers and/or business partners:
- Data Processing Agreement: sign agreements, for instance, with hosting and technology providers in general, etc.
- International Data Transfers – Sign contracts when the regulation considers it necessary– Verify with legal assistance when and how to comply with the requirements for these typo of transfers.
Gabriela’s presentation, which closed the event, was received with a full auditorium, with excellent comments and tweets from the audience, who highlighted Gabriela Szlak’s clarity and knowledge of the direct marketing and e-commerce industries.
For more information on the event and on Data Privacy and Direct Marketing, please contact Gabriela Szlak, partner at Lerman & Szlak. at [email protected].