ClickCease GDPR - Syniti Matching (matchit) Updates

GDPR Compliance

Are your Data and Systems GDPR Compliant?

Is your data compliant with the General Data Protection Regulation? Do your systems allow you to handle customer data securely and respond fully and easily to Subject Access Requests the Right To Be Forgotten?

“You can’t forget about GDPR and it’s done. It’s an ongoing thing.”
Richard Sisson, Information Commissioner’s Office

Your Database

Keep all your customer/prospect
data is accurate and up to date

Your Operations

Maintain high levels of security and
control of all personal data

Customer Service

Be able to respond to Subject Access
Requests promptly and fully

Time to ask yourself these questions...

How Many of Your Records are Duplicates?

Under GDPR, you must keep all personal data you hold accurate and up to date. This includes names and contact details, but also payment methods, dates etc. Crucially for GDPR compliance, you must also be able to demonstrate whether each person has consented to their data being used and for what purposes. Maintaining accurate and up-to-date data is difficult if you have duplicate records for someone, or records for the same person in different databases, as you could update information in one of these records but not the others. With Syniti, you can combine duplicate records and find and link records from different databases using Syniti Match, to create an accurate and up-to-date Single Customer View.

Are Your Addresses Correct and Deliverable?

Nothing demonstrates poor data quality to your customer more clearly than using an incorrect or out-of-date address. With Syniti, you can ensure addresses are accurate and deliverable using Royal Mail reference data and address data from other providers in 240 countries worldwide. This reference data is updated regularly by the postal authorities, so regular address verification will enable you to update postcodes etc. as and when they change.

Do You Suppress Customers Who Have Moved or Died?

Holding out-of-date data for people who have died or moved is an obvious breach of GDPR rules. Using information from Royal Mail, the DMA and several other data providers, Syniti’s suppression processing allows you to update addresses for customers who have moved, flag them as “gone away” if the new address is not available, remove or update deceased records and flag records for people who don’t want to be contacted.

Is Personal Data Secure Everywhere?

If you continually export data from one system to another, it is very difficult to maintain strict security standards while the data is in flight – and any security system is only as good as its weakest link. Syniti Match can integrate into your operational database, utilizing the security and reporting tools within your database management system to provide access control and an audit trail of updates. By processing data in one system instead of several, you also minimise the potential for errors and delays.

How Quickly Can You Notify a Breach?

If despite every precaution, your security is breached, GDPR requires you to report certain types of data breach to the ICO within 72 hours of you becoming aware of it – maybe notifying the customers affected too. Keeping all personal data under your control within a central database enables its monitoring tools to warn you immediately of unauthorized access. If you do need to notify customers, an up-to-date Single Customer View with accurate contact and customer relationship details will allow you to do so promptly and reliably.

Can You Respond To Customer Requests Quickly?

GDPR requires you to be able to respond promptly to Subject Access Requests – either for data portability or simply for the individual to check what data you hold about them. Under GDPR, the first request is free of charge. You need an accurate and up-to-date Single Customer View to respond to requests from your customers quickly and fully, as well as help ensure that the data you hold about them is correct. Syniti provides an easy, reliable way to search for your customer across all your databases and fulfill these data requests.

Can You Handle the Right To Be Forgotten?

GDPR gives the customer an enhanced “Right to be Forgotten” (or Right of Erasure) which requires you to delete all the data that you hold about that customer and to demonstrate that you have done so. With an accurate Single Customer View, you can find all the data for the customer that you need to delete and use Syniti Match to check effectively that the customer data is no longer stored. Finally, one of the key principles of GDPR is that personal information must not be kept for longer than is absolutely necessary to fulfill the purpose for which it was acquired. Without an accurate Single Customer View, it will be difficult to delete all information about a customer, but it will be impossible to know when you no longer need to keep it!

Syniti provides an easy, reliable way to search for your customer across all your databases, delete the records and write the key customer information out to a suppression file, where Syniti Match’s batch solutions can be used to ensure that you don’t inadvertently add that customer back to your database in future.

How Do You Establish and Maintain Consent?

GDPR places an increased burden on you as the Data Controller to obtain consent from your customer for the purposes for which you process their data. Consent doesn’t always have to be explicit, but you can only demonstrate implied consent by having a complete view of how you acquired that customer’s data and why you want to process it. This information is provided by an accurate Single Customer View, which also allows you to process a withdrawal of consent easily. Furthermore, maintaining accurate consent records for your customers will help reduce the number of Subject Access Requests that your customers make due to inappropriate use of their data.