Privacy and Consent

A company needs to get compliant with privacy regulations.

Problem

A company that delivers services leveraging the sharing economy pursues to strengthen the customers privacy controls.

Overview

The drivers for the change are privacy regulations (GDPR, CCCPA), costs of a potential non-compliance as well as an increased customer awareness. Since the company operates globally, they need to comply with multiple privacy regulations and they do hope to be prepared for upcoming ones.

The company sought a legal advice in the past and was recommended to update the privacy policy in the first place. It was also made clear that the privacy policy update alone was not enough and changes at the service level were indispensable.

The company has to be able to capture and store user consents and let the users manage them. The act of granting a consent, its scope, the granting authority, and the granting procedure have to be easily verifiable. The company needs to accommodate Data Privacy Officer (DPO), who effectively controls relevant data and consents, performs necessary audits to ensure compliance, and prevents data leakages.

The in-house built privacy solution could divert a significant amount of resources required for company’s core operations and still might not guarantee compliance.

The broad requirements to be satisfied have ruled out the in-house solution. The company is looking for a product that will seamlessly integrate with their platform and satisfy the requirements.

Solution

The company selects Cloudentity to strengthen their customers' privacy.

Result

Cloudentity’s solutions allow the company to