GDPR is a massive topic in the tech community: complying with it requires a lot of work and limits what you can do. We believe that it will have a massive effect on the tech landscape in the upcoming years as more and more court cases decide what is and what is not allowed.
First things first, what is GDPR actually? GDPR is an EU law that gives people more control over their data, specifically over how it is processed and who processes it.
The rights GDPR gives you:
The requirements GDPR puts on companies:
We predict that in the future companies will start moving away from managed SaaS applications for their generic needs and start using on-site applications instead. That is, instead of using a third-party A/B testing system, they will use an on-site A/B testing system like the one Parthenon provides.
One of the issues we foresee with GDPR moving forward is the requirement to ensure that vendors are GDPR compliant. This can apply at various levels. In one case involving Mailchimp, a company in Germany was found to be in breach of GDPR because they failed to ensure that Mailchimp didn’t fall under the US intelligence laws on communications. Luckily for the company involved, the courts accepted it was a minor usage that had stopped and didn’t give them a fine. However, in the future companies may not be so lucky.
Another reason we foresee a move to on-site applications instead of managed SaaS applications is the requirement to report data breaches and inform users. We think that companies will want to avoid the negative PR that a data breach at a vendor would imply for their company. Reporting a data breach is not fun, and it can be an expensive process. We think having to do this work because of something outside of your control will make it even more unpleasant and make companies want to take back control of the data and process it themselves.
We foresee that companies will have to start fetching data from all of their vendors whenever a user requests a data export. Having to fetch data from multiple sources before being able to provide the export may bring in personnel overheads, as some companies may not provide an automated way of doing the export. However, when you have something on-site you’ll always have access to the database, making it easier and faster to provide full data exports.
Parthenon helps by….