{"id":38286,"date":"2018-05-17T13:26:30","date_gmt":"2018-05-17T18:26:30","guid":{"rendered":"https:\/\/wpengine.com\/?p=38286"},"modified":"2018-12-07T12:48:48","modified_gmt":"2018-12-07T18:48:48","slug":"gdpr-is-coming-is-your-dxp-ready","status":"publish","type":"post","link":"https:\/\/wpengine.com\/resources\/gdpr-is-coming-is-your-dxp-ready\/","title":{"rendered":"GDPR is Here \u2014 Is Your DXP Ready?"},"content":{"rendered":"<p><i><span style=\"font-weight: 400;\">The EU\u2019s General Data and Protection Regulation went into effect on May 25\u2014it&#8217;s not too late to get up to speed now with these tips<\/span><\/i><\/p>\n<p><span style=\"font-weight: 400;\">If the words General Data Protection Regulation (GDPR) are new to you, we won\u2019t sugarcoat it\u2014you\u2019re a little late to the party. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">The GDPR is a <\/span><a href=\"https:\/\/en.wikipedia.org\/wiki\/General_Data_Protection_Regulation\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">comprehensive set of laws<\/span><\/a><span style=\"font-weight: 400;\"> which were approved by the European Union Parliament in 2016. Focused on protecting the privacy and personal data of individuals residing in the EU, the new rules and regulations replace existing data privacy laws and offer consumers greater control over how their personal data is collected and used.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For the majority of organizations within the EU, this is probably not news. But for businesses based outside of Europe with customers that reside in any of the 28 EU member countries, GDPR compliance also affects them, and that may come as a surprise. \u00a0<\/span><\/p>\n<p><a href=\"https:\/\/www.gartner.com\/newsroom\/id\/3701117\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">Gartner estimates<\/span><\/a><span style=\"font-weight: 400;\"> that by the end of 2018, half of the organizations worldwide affected by GDPR will be non-compliant. Businesses that are found to be in violation of the new regulations risk steep fines and other significant penalties. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Even though the due date for compliance has already expired, it\u2019s not too late to make some tweaks. GDPR has broad implications, but one area where concrete steps can be taken to mitigate risk is your company\u2019s Digital Experience Platform (DXP). <\/span><\/p>\n<p><span style=\"font-weight: 400;\">By nature, a DXP combines data and content for a personalized experience, requiring both explicit or intentionally-provided data, as well as dynamic or transactional data. This means personal information that falls under GDPR regulations is often scattered throughout a DXP. While that might seem like a cause for concern, it\u2019s actually a great place to start. Check out these simple steps to begin:<\/span><\/p>\n<h2><b>Get a handle on your data <\/b><\/h2>\n<p><span style=\"font-weight: 400;\">It probably seems like a no-brainer, but the best way to begin preparing for GDPR is by understanding how and why your organization processes personal data. By performing a comprehensive audit of the data your organization collects and stores, you\u2019ll be able to more effectively adopt new tools and processes that help support GDPR compliance. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Your DXP is likely collecting customers\u2019 preferences, their location and other personal characteristics that are usually gathered to help provide a better digital experience. This also applies to other adjacent tools that are integrated with your platform \u2014 think analytics platforms, data and profi\u0080le management tools and marketing automation services where personal data is likely being stored. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">For those responsible for particular applications, it\u2019s critical to create an inventory of all possible stores of personal data, classify and categorize that data and then identify new processes that will allow personal data to be processed within the confines of GDPR compliance. \u00a0<\/span><\/p>\n<h2><b>Vet your vendors <\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Products claiming to be GDPR-compliant have begun flooding the market, however, the ultimate responsibility for compliance falls to the organizations using these products. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">However, implementing new tools, from consent cookies to widgets that allow users to see how their data is being used, will play an important role in achieving GDPR compliance. In this new environment, the tools and technology used should be seen as just that\u2014tools\u2014not a stamp of approval. Instead, each new piece of technology you adopt should be heavily vetted, both to make sure it does what it promises, but also to make sure there is a solid understanding within your organization of where each process fits in the larger GDPR compliance picture. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Brands should follow a relatively intuitive process with regards to assessing potential new tools used for GDPR compliance. They should begin by fully understanding the product\u2019s capabilities and how those capabilities fit the GDPR compliance puzzle. They should identify the gaps those capabilities leave uncovered, and finally, they should design and implement any needed functionality to cover those gaps. <\/span><\/p>\n<h2><b>Set policies and stick to them<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">By now, you hopefully have a good overview of the data within your DXP (and beyond) as well as a hype-free understanding of the tools you may want to implement. That\u2019s great, but the only way to keep your organization GDPR-compliant moving forward is to set company-wide policies, educate your staff about them and continue to reinforce them. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">A major challenge with GDPR compliance isn\u2019t just at the organizational level, but at the individual employee level. Much like security protocols that can be upended by a single employee falling for a phishing attempt or a malware intrusion, a well-intentioned but ill-informed individual can also put your organization at risk by collecting or misusing the wrong type of personal data, including their own.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It\u2019s for these reasons that employees must be well-versed in GDPR regulations as well as the policies your organization is implementing in order to remain compliant. In some organizations, these policies and their reinforcement will fall to a data protection officer. In smaller businesses, it may be the job of the security or IT director. Whoever owns the process, it must be viewed as an integral part of employee education and regular check-ups are critical. <\/span><\/p>\n<h2><b>Keep calm and GDPR on<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">As with other compliance regimes, becoming GDPR compliant and maintaining it moving forward will require new processes and a new approach to how your organization collects and uses customers\u2019 personal data. Beginning with the steps above, you\u2019ll be in good shape, but as always, every organization is unique and finding the right way to GDPR compliance will take a focused, nuanced approach. Good luck!<\/span><\/p>\n<p><b><i>Do you still have questions about GDPR and the ways your organization can become compliant? Check out the links below or let us know in the comments section! <\/i><\/b><span style=\"font-weight: 400;\">\u00a0\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/www.youtube.com\/watch?v=RoSex-iGka4&amp;feature=youtu.be\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">How to make your WordPress site GDPR compliant<\/span><\/a><\/p>\n<p><a href=\"https:\/\/wordpress.org\/news\/2018\/04\/gdpr-compliance-tools-in-wordpress\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">GDPR Compliance Tools in WordPress<\/span><\/a><\/p>\n<p><a href=\"https:\/\/velocitize.com\/2018\/04\/17\/whats-gdpr-marketers-care\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">What\u2019s GDPR and Why Should Marketers Care? <\/span><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The EU\u2019s General Data and Protection Regulation went into effect on May 25\u2014it&#8217;s not too late to get up to speed now with these tips If the words General Data Protection Regulation (GDPR) are new to you, we won\u2019t sugarcoat it\u2014you\u2019re a little late to the party. The GDPR is a comprehensive set of laws<span class=\"tile__ellipses\">&hellip;<\/span><span class=\"tile__ellipses--animated\"><\/span><\/p>\n","protected":false},"author":200,"featured_media":38297,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[17],"tags":[1222],"class_list":["post-38286","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-how-to","tag-gdpr"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>GDPR is Coming \u2014 Is Your DXP Ready?<\/title>\n<meta name=\"description\" content=\"The EU\u2019s General Data and Protection Regulation goes into effect on May 25. Even though the due date for compliance is just around the corner, it\u2019s not too late to start getting ready.\" \/>\n<meta name=\"robots\" content=\"noindex, follow\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"GDPR is Coming \u2014 Is Your DXP Ready?\" \/>\n<meta property=\"og:description\" content=\"The EU\u2019s General Data and Protection Regulation goes into effect on May 25. Even though the due date for compliance is just around the corner, it\u2019s not too late to start getting ready.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/wpengine.com\/resources\/gdpr-is-coming-is-your-dxp-ready\/\" \/>\n<meta property=\"og:site_name\" content=\"WP Engine\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/wpengine\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-17T18:26:30+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-12-07T18:48:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/wpengine.com\/resources\/wp-content\/uploads\/2018\/05\/shutterstock_560832187-1024x787.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"787\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Abe Selig\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@wpengine\" \/>\n<meta name=\"twitter:site\" content=\"@wpengine\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Abe Selig\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/wpengine.com\/resources\/gdpr-is-coming-is-your-dxp-ready\/\",\"url\":\"https:\/\/wpengine.com\/resources\/gdpr-is-coming-is-your-dxp-ready\/\",\"name\":\"GDPR is Coming \u2014 Is Your DXP Ready?\",\"isPartOf\":{\"@id\":\"https:\/\/wpengine.com\/resources\/#website\"},\"datePublished\":\"2018-05-17T18:26:30+00:00\",\"dateModified\":\"2018-12-07T18:48:48+00:00\",\"author\":{\"@id\":\"https:\/\/wpengine.com\/resources\/#\/schema\/person\/b732a884dbf4917dcd15ce2e9fbd3652\"},\"description\":\"The EU\u2019s General Data and Protection Regulation goes into effect on May 25. Even though the due date for compliance is just around the corner, it\u2019s not too late to start getting ready.\",\"breadcrumb\":{\"@id\":\"https:\/\/wpengine.com\/resources\/gdpr-is-coming-is-your-dxp-ready\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/wpengine.com\/resources\/gdpr-is-coming-is-your-dxp-ready\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/wpengine.com\/resources\/gdpr-is-coming-is-your-dxp-ready\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/wpengine.com\/resources\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"GDPR is Here \u2014 Is Your DXP Ready?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/wpengine.com\/resources\/#website\",\"url\":\"https:\/\/wpengine.com\/resources\/\",\"name\":\"WP Engine\",\"description\":\"Managed Hosting for WordPress\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/wpengine.com\/resources\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/wpengine.com\/resources\/#\/schema\/person\/b732a884dbf4917dcd15ce2e9fbd3652\",\"name\":\"Abe Selig\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/wpengine.com\/resources\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/6deb04da8be57a16bed1b5ad7722572beaa7ed7292795763c9324d46b0ad9454?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/6deb04da8be57a16bed1b5ad7722572beaa7ed7292795763c9324d46b0ad9454?s=96&d=mm&r=g\",\"caption\":\"Abe Selig\"},\"description\":\"Abe Selig is a writer, amateur musician and accomplished inshore fisherman. He began his career as a journalist and now tells stories about technology and the ways it\u2019s helping businesses thrive. He is an Austin, TX native who has lived in New York City and traveled all around the world. You can reach him at abe.selig@wpengine.com.\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"GDPR is Coming \u2014 Is Your DXP Ready?","description":"The EU\u2019s General Data and Protection Regulation goes into effect on May 25. Even though the due date for compliance is just around the corner, it\u2019s not too late to start getting ready.","robots":{"index":"noindex","follow":"follow"},"og_locale":"en_US","og_type":"article","og_title":"GDPR is Coming \u2014 Is Your DXP Ready?","og_description":"The EU\u2019s General Data and Protection Regulation goes into effect on May 25. Even though the due date for compliance is just around the corner, it\u2019s not too late to start getting ready.","og_url":"https:\/\/wpengine.com\/resources\/gdpr-is-coming-is-your-dxp-ready\/","og_site_name":"WP Engine","article_publisher":"https:\/\/www.facebook.com\/wpengine","article_published_time":"2018-05-17T18:26:30+00:00","article_modified_time":"2018-12-07T18:48:48+00:00","og_image":[{"width":1024,"height":787,"url":"https:\/\/wpengine.com\/resources\/wp-content\/uploads\/2018\/05\/shutterstock_560832187-1024x787.jpg","type":"image\/jpeg"}],"author":"Abe Selig","twitter_card":"summary_large_image","twitter_creator":"@wpengine","twitter_site":"@wpengine","twitter_misc":{"Written by":"Abe Selig","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/wpengine.com\/resources\/gdpr-is-coming-is-your-dxp-ready\/","url":"https:\/\/wpengine.com\/resources\/gdpr-is-coming-is-your-dxp-ready\/","name":"GDPR is Coming \u2014 Is Your DXP Ready?","isPartOf":{"@id":"https:\/\/wpengine.com\/resources\/#website"},"datePublished":"2018-05-17T18:26:30+00:00","dateModified":"2018-12-07T18:48:48+00:00","author":{"@id":"https:\/\/wpengine.com\/resources\/#\/schema\/person\/b732a884dbf4917dcd15ce2e9fbd3652"},"description":"The EU\u2019s General Data and Protection Regulation goes into effect on May 25. Even though the due date for compliance is just around the corner, it\u2019s not too late to start getting ready.","breadcrumb":{"@id":"https:\/\/wpengine.com\/resources\/gdpr-is-coming-is-your-dxp-ready\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/wpengine.com\/resources\/gdpr-is-coming-is-your-dxp-ready\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/wpengine.com\/resources\/gdpr-is-coming-is-your-dxp-ready\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/wpengine.com\/resources\/"},{"@type":"ListItem","position":2,"name":"GDPR is Here \u2014 Is Your DXP Ready?"}]},{"@type":"WebSite","@id":"https:\/\/wpengine.com\/resources\/#website","url":"https:\/\/wpengine.com\/resources\/","name":"WP Engine","description":"Managed Hosting for WordPress","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/wpengine.com\/resources\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/wpengine.com\/resources\/#\/schema\/person\/b732a884dbf4917dcd15ce2e9fbd3652","name":"Abe Selig","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/wpengine.com\/resources\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/6deb04da8be57a16bed1b5ad7722572beaa7ed7292795763c9324d46b0ad9454?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/6deb04da8be57a16bed1b5ad7722572beaa7ed7292795763c9324d46b0ad9454?s=96&d=mm&r=g","caption":"Abe Selig"},"description":"Abe Selig is a writer, amateur musician and accomplished inshore fisherman. He began his career as a journalist and now tells stories about technology and the ways it\u2019s helping businesses thrive. He is an Austin, TX native who has lived in New York City and traveled all around the world. You can reach him at abe.selig@wpengine.com."}]}},"acf":[],"_links":{"self":[{"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/posts\/38286","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/users\/200"}],"replies":[{"embeddable":true,"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/comments?post=38286"}],"version-history":[{"count":0,"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/posts\/38286\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/media\/38297"}],"wp:attachment":[{"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/media?parent=38286"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/categories?post=38286"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/tags?post=38286"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}