How do firms comply with GDPR guidelines while leveraging Kentico?

Data privacy regulations encompass many operational aspects of software tools and applications. There is no exception to the Kentico product line. Developers and architects alike have well become aware of the right to store specific and sensitive form of customer data. The importance of collating customer data belonging to different plans and membership schemes has also necessitated organizations to upgrade to more secure platforms and systems.  

Organizational Perspective

Newer privacy regulations such as those outlined by GDPR encompass a number of organizational areas such as new policies, leadership, training, governance, and data management. At the project level, not many of the regulations mean a lot –the project analysts have to be as learned about the GDPR data privacy and security guidelines, more or less the same way as developers and technical consultants.

There are certain areas that are concerned with data privacy apart from the conventional aspects associated with consent on data collection or removal.

Below are certain scenarios for better implementation or incorporation of the newest GDPR guidelines.

I. Importing Contact Data Manually

When executing e-mail marketing campaigns, the cluster of prospects and their contact details might be stored across disparate systems. It calls for efficient mapping of data and the required level of data governance to make the systems work together so that the e-mail campaign hits the right target audience with the required level of integrity. The enterprise must have satisfactory answers for questions pertaining to the safety of personal data:

• Is the personal data stored at the local workstations before being imported to Kentico?
• Is there a provision to delete and clean up entire data on request from concerned authority?
• Is there a record of subscribers’ agreement to the use of personal data through website forms?
• Are the data mapping and documentation procedures in place before actually importing data?

II. Integrating Third-Party Solutions

Let us take the example of integrating a learning management system (LMS) with the Kentico application. In order to segment the data of candidates based on the desired course and batch intake for sending out e-mailers, the system needs effective usage of data to filter the recipients. It is also highly recommended to have a security mechanism between the marketing application and third-party learning management tool for safe and secure retrieval and usage of data for the intended campaign or mailing purpose.

In addition to the personal data entered at the start of a new academic session, the LMS is also gradually fed data about the progress of course and the individual marks scored. In such a scenario, the GDPR guidelines call for effective data governance practices and eliminate practices such as using spreadsheets on local desktops – considered to be risky in terms of safe handling of personal data. In such cases, it becomes vital to install an upgraded version that ensures newly introduced GDPR privacy regulations are followed. The buyer is suggested to promptly ask for the same from the concerned vendor beforehand.

III. Subscriber Data for Differing Service Plans/Memberships

In order to understand this, let us take the example of a Fortune 100 company, which presents a variety of service packages and membership programs for its customers. These transactions would call for storage and transfer of a large volume of data across disparate systems. It became impractical to have a documented manual process to merge the data with the enterprise system. In order to eliminate the manual process altogether, the firm had to deploy a sophisticated and secure system that complied with GDPR guidelines and was compatible with the Kentico platform, thereby optimizing security as well as performance.

As such, more and more organizations are now able to counter the challenges linked to Kentico upgrade or integration with the third-party platforms.

About Raybiztech

Raybiztech is a leading global Information Technology (IT) Services and Solutions, a CMMI Level 3, ISO 27001:2013 Certified Company. We are a Member of NASSCOM, HYSEA, NJTC, and AIIA. Raybiztech offers comprehensive end-to-end IT Services for Business Application Development, Enterprise Solutions, Enterprise Collaboration Services, Testing and Quality Assurance Services, Cloud Computing and IT Infrastructure Management to organizations in the Banking & Finance, Insurance, Healthcare, Manufacturing, Retail, Media & Entertainment, Leisure & Travel, Telecom and Energy & Utilities verticals as well as Independent Software Vendors.