Data - How to collect data while being RGPD compliant

September 28, 2022
The RGPD " General Data Protection Regulation

The RGPD " General Data Protection Regulation"(GDPR) allows to frame the processing and circulation of personal data on the whole territory of the European Union since May 25, 2018.

It is therefore a question of harmonizing the European legal panorama in terms of data protection so that there is a single framework that applies among all the Member States.

In concrete terms, this directive puts all European companies on an equal footing in terms of customer data management.

Thus the reform has three main objectives:

  • Make the customer the custodian of his data.
  • Make actors handling sensitive customer data accountable, in particular to avoid a repeat of events such as Cambridge Analytica Gate.
  • Enhance the credibility of regulation and strengthen enforcement measures through enhanced cooperation between data protection authorities.

Who is affected by the RGPD?

The RGPD concerns all companies having an activity in Europe, whether they are established on the territory of the EU or whether their activity directly targets European residents.

What does the RGPD change on the client side?

Thanks to the RGPD, customers, whether B2B or B2C, benefit from a number of protections. Nowadays, companies must obtain prior written, clear and explicit consent from the individual in order to process their personal data.

The customer also benefits from :

  • A "recognition of a right to oblivion" allowing him to obtain an erasure or withdrawal of his personal data.
  • A right to data portability (to be able to move from one social network to another as from one ISP to another).
  • The right to be informed in the event of a hacking of one's data, as we have recently seen with the examples of FNAC and EasyJet.

So what are the main risks for B2B companies in case of non-compliance with the GDPR?

In case of failure to respect individual rights, failure to comply with basic data management principles, violation of data transfer rules, companies can be fined up to 20 million euros or 4% of the worldwide turnover of the previous year, whichever is higher.  

Know that in terms of prospecting, the CNIL guarantees that the RGPD does not change the rules applicable to prospecting emails for both B2B and B2C companies as long as "the subject of the solicitation must be related to the profession of the person canvassed"

Which operational adaptations to be RGPD compliant?

To comply with the RGPD, here are the new operational provisions you need to put in place.Note that this list is far from exhaustive:

  • Establish a data processing register.
  • Obtain and maintain customer consent for the retention of their data.
  • Delete or remove personal customer data across all your platforms if requested.
  • Identify the collection processes and devices: forms, social networks... as well as the type of data recovered by all these devices.
  • Verify that external software and subcontractors are all RGPD compliant.
  • Secure the data.
  • Appoint a DPO (Data Protection Officer).

As you can see, these obligations are numerous and (very) time-consuming.

Aware of this, solutions have appeared on the market to allow you to quickly comply with these various obligations.

Among them, Dropcontact is the 100% RGPD compliant solution.

Indeed Dropcontact :

  • Does not sell leads but enriches the files you already have.
  • Has its own proprietary algorithms and test servers to find, test, and verify all your data.
  • Allows you to synchronize and connect all your solutions containing contacts and thus have a single unified database (making the deletion of a user's data much easier and faster)

Thus Dropcontact is the tool par excellence respecting 100% the RGPD since it does not own or sell databases but on the contrary enriches and cleans those already existing and in your possession while maintaining strict confidentiality on your files.