DPIA for an eCommerce Fidelity Program
Challenges
The client – an eCommerce business based in Bulgaria, launched a fidelity programme that needed to be compliant with local and EU rules.
Firstly, it was necessary to understand the impact of the GDPR on their project. Secondly, the client requested a detailed action plan outlining the measures to safeguard their customer’s personal data.
Solutions
A Data Privacy Impact Assessment was performed. Based on this, a new Privacy Policy was drafted. Finally, we created a procedure for consent management and provided a cloud-based solution for treating data subject’s requests.
DPIA
To comply with Article 35 of the GDPR, a Data Privacy Impact Assessment was performed.
Privacy Policy
In accordance with Article 12 of the GDPR, a new Privacy Policy was delivered.
Consent
Informed Consent management procedures were created to address Article 4 of the GDPR.
Data Subjects
A cloud-based solution for data subject’s requests helped comply with Articles 12-23 GDPR.