Careers
en DE RU
Contact
exponea.com
Request Demo
Why Bloomreach?
Products
x
Bloomreach Acquires Exponea. Learn more
Top Content
What’s a customer data platform? The definitive guide to CDPs (2021)
What’s customer lifetime value – All you need to know (The ultimate 2021 guide)
Consumer behavior: Practical application of marketing psychology in e-commerce (The ultimate guide)
What is a CDP? Download E-Book
Top Content
The ultimate guide to mastering email deliverability (2021)
Single customer view (SCV) overview for 2021
Customer data management: How to gather customer data correctly
The Ultimate E-Commerce Guide to Marketing Psychology Download E-Book
Top Content
Learn how to choose & implement a customer data platform (CDP)
Retail math: The most important formula in online retail
Sofology and Exponea: A one-year retrospective (How to get the most out of Exponea)
Fuel Online Retail Growth Through Precise Predictions Download E-Book
Top Content
What is zero party data and why is it important
CAC vs CPA: How to cut marketing costs when acquiring customers
(INTERVIEW) How Desigual improves CX and increases lifetime value
Exponea Security Features Download E-Book
Top Articles in Category
Conversion funnels: Analysis and optimization for e-commerce in 2021
E-Commerce conversion optimization in 2021 – A complete guide
The leading product recommendation methods for e-commerce
What’s a customer data platform? The definitive guide to CDPs (2021)
Learn how to choose & implement a customer data platform (CDP)
How we used our competitive advantage to build the CDP of the future
The ultimate guide to mastering email deliverability (2021)
Email marketing analytics deep dive: Metrics, goals, KPIs & reports for 2021
Email A/B testing – The quickest method to increasing your email performance and revenue
Organizational customer-centric marketing: This time it’s personal
What is customer lifecycle marketing / management (CLM)?
Create your own fully automated omni-channel customer experience
E-Book Recommendation
Your Customers Want an Experience. Give it to Them.
Download E-Book
CDP vs DMP vs CRM
Download E-Book
Guide to Everything You Should Test in an Email.
Download E-Book
Key E‑Commerce Strategies for 2020
Download E-Book

Table of Contents
  1. The reasons for hysteria around GDPR
  2. But don’t panic
  3. Knowledge is power
Listen this article on:

We Know GDPR: Introduction

Customer Data Platform CTO/DPO Corner Data Privacy, Security & Consent Management Exponea News
Feb 19, 2018 Zuzana Tomascikova 4 min read

The reasons for hysteria around GDPR

GDPR is the European Union’s response to corporate overreach and violation of individual privacy. Exponea recognizes the ramifications that may arise for online clients and is taking significant steps to assist them in compliance preparation.
E-commerce now has an obligation to clearly state what customer data is needed and for what, with whom it will be shared, in which countries, and for how long it will be held. A lot is at stake in this new environment, with penalties possible in the millions of Euros.

Lenka Gondova, Exponea’s Data Protection Officer (DPO) for GDPR compliance explains why the majority of companies still feel unprepared for the legislation and why the feelings of panic escalate with 25th May approaching.
The uncertainty around GDPR stems from two main factors:

Ambiguous formulations

Many requirements are relative to the particular situation of data processing. This means there are too many words such as ”appropriate” or “possible” (e.g. “appropriate security measures”). The local EU member states are expected to formulate more precise wording for data protection in their local laws, for the DPO, or when to execute Data Protection Impact Assessment (DPIA).

Temporary time delay in legislation across the EU

It is expected that the European Data Protection Board will be reviewing the proposed local laws in order to keep the original spirit of GDPR. However, the ‘Board’ will be established on the exact same date when GDPR comes to application –  on 25 May 2018.

This will definitely create a time delay.

Imagine 27 legislations sending their legal proposals to the Board on the very same date when GDPR becomes effective, to keep GDPR consistent across the EU.

This is happening at the time when we already have to be compliant. The Office for Data Protection doesn’t expect the local decrees to be ratified before the end of 2018.

But don’t panic

As a data-driven company, Exponea adopted an elaborate methodology for risk management to address the situation. We are present on most of the EU markets, so we need to keep an eye on all data protection laws differing just in tiny details.

We strengthened our information security management system. Long ago, Exponea decided to go beyond what was compulsory.

Following the company’s culture and determination to be compliant, we made a voluntary decision to implement ISO 27001 and ISO 9001 certifications earlier last year – and we became certified.

With the ISO certifications, we embraced a degree of risk management from a perspective of an organization. The approach of GDPR is to leverage the risks of data subject rights. It is a different perspective, but the logic behind it stays the same: there are threats, possible impacts and mitigation strategies.

In order to further assure our clients that we really do mean it, Exponea just received a new “GDPR insurance certificate” with a special Cyber Enterprise Risk Management Insurance by AON.

Knowledge is power

A strong risk management approach helps us bridge the uncertainty and make the right decisions based on data.
Some matters are already clear today. We ensure with internal training that people who work with Exponea implement the basic privacy principles into their everyday thinking and actions.

We are currently working on an e-book to help our customers comply with GDPR requirements with a set of practical guides on how to do it using Exponea. Guides within our e-book will help you avoid losing millions on penalties.

Lenka Gondova: Exponea’s guru for GDPR has the answers

Lenka started consulting Exponea in their preparation for ISO 27001 certification.

Internally, she was hired as CISO (Chief Information Security Officer). Since she was appointed as Data Protection Officer (DPO), we stopped using the position of CISO to mitigate the risks GDPR brought into DPO’s independence restrictions.
Lenka’s background is in several areas that equipped her with a useful mix of different skills at the time when GDPR is coming into practice.

Her major experience area are of IT audits and IT security audits.

In the last 15 years she carried out general IT audits according to ISACA auditing standards and certification audits according to ISO 27001 or other ISO IT-related standards.

IT audits brought her to her two other certifications, gained during her IT risk management and IT governance years. They are both useful when coping with the diversity of GDPR requirements.

Lenka’s background in certifications:

CISA, CGEIT, CRISC, ISO 27001 LA, ISO 20000-1 LA, ISO 22301 LA, eIDAS LA, CSX-F,  expert on auditing, risk management and governance who supports the local Office for Data Protection by creation of execution law for GDPR certification and DPIA.

  • CISA – Certified Information Systems Auditor
  • CGEIT – Certified in Governance of Enterprise IT
  • CRISC –  Certified in Risk and Information Systems Controls,
  • ISO 27001 LA – Information Security Management Systems Lead auditor,
  • ISO 20000-1 LA – IT Service Management Systems Lead auditor,
  • ISO 22301 LA –  Business Continuity Management System Lead auditor
  • eIDAS LA – Trusted Service Providers Certification Lead auditor
  • CSX-F – Cybersecurity Fundamentals certificate

Download new GDPR E-Book here: 

Read GDPR e-book

Top Articles

Customer Data Platform
Email Marketing
Omnichannel Marketing Automation
Conversion Rate Optimization

What’s a customer data platform? The definitive guide to CDPs (2021)

Read more

Learn how to choose & implement a customer data platform (CDP)

Read more

How we used our competitive advantage to build the CDP of the future

Read more

The ultimate guide to mastering email deliverability (2021)

Read more

Email marketing analytics deep dive: Metrics, goals, KPIs & reports for 2021

Read more

Email A/B testing – The quickest method to increasing your email performance and revenue

Read more

Organizational customer-centric marketing: This time it’s personal

Read more

What is customer lifecycle marketing / management (CLM)?

Read more

Create your own fully automated omni-channel customer experience

Read more

Conversion funnels: Analysis and optimization for e-commerce in 2021

Read more

E-Commerce conversion optimization in 2021 – A complete guide

Read more

The leading product recommendation methods for e-commerce

Read more

Watch Exponea demo video!
Explore the Customer Data & Experience Platform B2C Leaders Love to Use

MISSGUIDED Victoria Beckham Desigual
ebuyer River Island

We rely on cookies

to optimize our communication and to enhance your customer experience. By clicking on the Accept and Close button, you agree to the collection of cookies. You can also adjust your preferences by clicking on Manage Preferences. For more information please see our Privacy policy.

Manage cookies
Accept & close

Cookies preferences

Accept & close
Back
X
We use cookies to optimize our communication and to enhance your customer experience. We also share information about how you use our website with our third parties including social plugins and analytics. You consent to our use of cookies if you continue to browse our website. You can opt out of our cookie use on the Do not Sell my Personal Information page. For more information please see our Privacy Policy.
Subscribe