Compliance

Preparing for GDPR – Checklist & Timeline

sovrnmarketing // April 20, 2018

clouds
GDPR is quickly approaching, which means it’s time to kick it into high gear. If you haven’t done anything yet, here’s a basic list of necessities to get you prepared.

• Evaluate your EU traffic. Is it a large portion of your revenue? If so,  continue down this list. 

• Determine your lawful basis. Review the Lawful Basis for Processing, and determine what you align with. Publishers have six options but only two of them are most relevant: consent & legitimate interest. 

• Create a list of your vendors. Reach out to them to understand how they align with the new legislation and which lawful basis they have chosen.

• Get organized internally. Update your privacy policy, review vendor contracts, put a process in place to handle EU data and create a way to respond to data subject requests.

• Look for Consent Management Platform. Should you decide your lawful basis is consent, start looking for a Consent Management Platform (CMP). Sovrn has a pretty great option for you. Check it out here!

Are you a Sovrn publisher? Follow this timeline. 

April 26th: Receive your first email communication from Sovrn with everything you need to know to make the right decisions about GDPR.
April 27th: Receive links to our updated terms found on our website.
May 1st: Make your EU Reader Control selection.
May 8th: Accept new Terms & Conditions.
May 1st – 25th: Monitor your email for reminders & communication from Sovrn and check out Sovrn’s CMP
May 21: Forced acceptance goes live. In other words, make sure you review & accept Sovrn’s terms in order to access your account.
May 22: EU Reader Control rollout begins.
May 23rd: Community AMA: Ask Sovrn Anything about GDPR.
May 25th: GDPR goes into effect, EU Reader Controls.

Stay up to date on Sovrn initiatives & join the conversation in the Sovrn Community.

Want to learn more?

Share this article