GDPR is quickly approaching, which means it’s time to kick it into high gear. If you haven’t done anything yet, here’s a basic list of necessities to get you prepared.
• Evaluate your EU traffic. Is it a large portion of your revenue? If so, continue down this list.
• Determine your lawful basis. Review the Lawful Basis for Processing, and determine what you align with. Publishers have six options but only two of them are most relevant: consent & legitimate interest.
• Create a list of your vendors. Reach out to them to understand how they align with the new legislation and which lawful basis they have chosen.
• Get organized internally. Update your privacy policy, review vendor contracts, put a process in place to handle EU data and create a way to respond to data subject requests.
• Look for Consent Management Platform. Should you decide your lawful basis is consent, start looking for a Consent Management Platform (CMP). Sovrn has a pretty great option for you. Check it out here!
Are you a Sovrn publisher? Follow this timeline.
April 26th: Receive your first email communication from Sovrn with everything you need to know to make the right decisions about GDPR.
April 27th: Receive links to our updated terms found on our website.
May 1st: Make your EU Reader Control selection.
May 8th: Accept new Terms & Conditions.
May 1st – 25th: Monitor your email for reminders & communication from Sovrn and check out Sovrn’s CMP!
May 21: Forced acceptance goes live. In other words, make sure you review & accept Sovrn’s terms in order to access your account.
May 22: EU Reader Control rollout begins.
May 23rd: Community AMA: Ask Sovrn Anything about GDPR.
May 25th: GDPR goes into effect, EU Reader Controls.
Stay up to date on Sovrn initiatives & join the conversation in the Sovrn Community.