EU-GDPR data protection requests
EU-GDPR: How to respond to data protection requests from data subjects in a timely manner.
This is what the new and extended right to information means.
Since May 25, 2018, the new General Data Protection Regulation of the European Union, or EU-GDPR for short, applies and with it a new and extended right to information. According to Article 15 of the GDPR, data subjects have the right to receive confirmation from data controllers as to whether personal data are being processed. This information must be provided in a timely manner. If data is processed, the respective company must provide a lot of additional information regarding the data.
How do I find the customers in my systems?
This question presents many companies with very specific practical problems. After all, customer data is often stored in several different systems. As a result, it can be tedious and time-consuming to find the corresponding entries for a specific customer. In addition, requests must be answered promptly according to the GDPR.
The GDPR has another requirement in store: Article 12, paragraph 1 and Article 5, paragraph 2 of the General Data Protection Regulation state that data controllers must take appropriate preparatory measures to ensure that data subjects receive timely responses to their requests.
With a cross-system customer index, you can respond to inquiries quickly, accurately, and on time.
With TOLERANT Match, you can easily build a central search index for your data protection requests. There, data from different sources and systems can be merged – so a cross-system customer search works quickly and easily. In just a few seconds, you can find out whether the requester is listed in your systems – and if so, in which ones. This allows you to provide an initial assessment to the customer in a timely manner and to quickly process the request without time-consuming individual searches in your systems.
60 x faster and thus a time and cost saving.
10 sec. with TOLERANT Match vs.
10 min. with a conventional search in several systems.
This is what TOLERANT Match does for you
- You find customers quickly and across systems
- Matches with similar spellings are also found reliably
- Search rules can be optimized individually
- You can restrict access exclusively to the data protection officer and a data protection inquiry team
- You can optionally store pseudonymized or partially pseudonymized data (e.g. credit card number 1234 xxxx xxxx 5432)
- You can find the data you are looking for quickly and easily
- You save approx. 10-30 min. research time per case
- You can contact the applicant in due time according to the EU-GDPR and provide the required initial assessment
- Internal and external blacklists can be easily integrated (e.g. Robinson list …)
- You create a solid basis for follow-up searches in the relevant systems
- Set-up can be easily done in a few days without complex system integration
- Scaled to large inventories > 10 million
What you need for TOLERANT Match
- A server with Linux or Windows Server 2016, 4 cores, 4 GByte RAM + 1 GByte RAM per 1 million records in the index, 10 GByte hard disk + 2 GByte per 1 million records.
- From each system with customer data you need an export in CSV format with name, address, phone, e-mail, Source/System, customer number and date of last change, if applicable.
- Optional stronger integration for direct data supply via web service possible
CONCLUSION: A cross-system customer index with TOLERANT Match is your technical basis for fast and complete responses to customer queries about data protection.