How we think GDPR will going to change the tech landscape

Iain Cambridge on August 26, 2021

GDPR is a massive topic in the tech community with lots of work being required as well as limitations on what you can do to be compliant with it. We believe that it will have a massive effect on the tech landscape in the upcoming years as more and more court cases decide what is and what is not allowed.

Quick Overview of GDPR

First things first, what is GDPR actually? GDPR is an EU law that gives people more control over their data. Specifically how and who processes it.

The rights GDPR gives you:

  • The right to have your data deleted.
  • The right to have your data exported
  • The right to have your data corrected
  • The right to choose how your data is used.
  • The right to be able to transfer your data to a competitor.
  • The right to not be subject to a decision based solely on automated processing

The requirements GDPR puts on companies:

  • Required to get permission before sharing data.
  • Required to report any data breach. Either via illegal access of data or leaking information.
  • Required to limit processing and collection of data which is necessary and to delete data once it is no longer required
  • Required to delete data they are not legally required to keep upon request for deletion.
  • Required to check if vendors are also GDPR compliant before sharing data

Our Prediction

We predict that in the future companies will start moving away from managed SaaS applications for their generic needs and instead start using on-site applications instead. That is instead of using a third party A/B testing system they will use an on-site A/B Testing system like the one Parthenon provides.

Vendor Compliance

One of the issues we foresee with the GDPR moving forward is the requirement to ensure that vendors are GDPR compliant. This could be from various levels such as in the case of using Mailchimp where a company in Germany was found to be in breach of GDPR because they failed to ensure that Mailchimp didn’t fall under the US Intelligence laws on communications. Luckily for the company involved the courts accepted it was a minor usage that had stopped and didn’t give them a fine them. However, in the future companies may not be so lucky.

Data Breaches

Another reason we foresee a move to on-site application instead of managed SaaS applications is the requirement to report data breaches. Due to the requirement to report data breaches and inform users we think that companies will want to avoid the negative PR that a data breach of a vendor would imply for their company. Reporting a data breach is not fun, having to report a data breach can be an expensive process. We think having to do this work because of something outside of your control will make it even more unpleasant and make companies want to take back control of the data and process it themselves to avoid the negative PR.

Data Exports

We foresee that companies will have to start fetching data from all of their vendors whenever a user requires a data export. Having to fetch data for multiple sources before being able to provide the export may bring in personnel overheads as some companies may not provide an automated way of doing the export. However, when you have something on-site you’ll always have access to the database thus making it easier and faster to provide full data exports.

How Parthenon Helps

Parthenon helps by….


Get the advantage by keeping up to date on how tech can help your business and learn technical things in a non-techincal way by subscribing to our weekly newsletter.