At World Retail Congress we’re not only committed to providing you with an event that empowers your business and the decisions you make, but we’re also dedicated to constantly improving our own performance, particularly in the digital economy. The General Data Protection Regulation (GDPR) comes into effect on May 25th 2018, governing how personal data must be processed and stored. We embrace the opportunity that the GDPR presents to build trust and improve customer experiences by driving GDPR compliance throughout our organisation.
What is GDPR?
The GDPR is a legislation governing privacy and data protection. It imposes new obligations on organisations that control or process personal data with a view to giving individuals greater control over how their data is used. Although the GDPR is a European regulation, the GDPR will still applies to companies based outside of the EU if they are dealing with personal data belonging to data subjects within the EU residents or if they have a European seat.
How does this impact World Retail Congress?
In order to drive continual compliance with all data regulations in our business, we audit and update our processes on an ongoing basis.
We are also registered with the Information Commissioner as a data controller, and we have appointed a dedicated Data Protection Officer to maintain our business’ compliance.
What has World Retail Congress done to become GDPR compliant?
Here are just some of the things we do at World Retail Congress to ensure respect for privacy. This is not about becoming compliant, but remaining compliant:
- THE PRIVACY TEAM: Participate in an Ascential Group wide data privacy team, first to oversee GDPR activities and, with the appointment of our Data Protection Officer, to continue to drive privacy compliance
- THE DATA LIFECYCLE: Map our collection, storage, and use of Personally Identifiable Information/personal data and implement appropriate retention periods
- THE POLICIES: More formally document our privacy and security practices
- THE PROCESS: Update (as relevant) privacy and data security related processes and controls incorporating privacy by design into our product development processes
- THE EMPLOYEE AWARENESS: Educate and train our employees across a range of mediums to ensure awareness and vigilance when dealing with data in day-to-day working life
- THE CODES OF CONDUCT: Ensure our suppliers and partners agree to our third-party code of conduct (or equivalent) and have the right contract terms in place
- THE SAFEGUARDS: Ensure all data transfers (inter-company and otherwise) are only made with adequate protections in place
What’s next for World Retail Congress in the realm of privacy?
We believe that compliance is not a destination, but an ongoing journey. We review our processes and practices on an ongoing basis to ensure that our customer relationships remain ones of trust, empathy and based on the united goal to make your business better, every day.