Can Huzmeli, Consultant at Skimlinks answers some key questions on GDPR ahead of 25 May.
1. What's your main priority right now in the run up to 25 May?
We are working towards complete compliance, not only with the services Skimlinks offers to clients but also with internal processes in our departments like HR and Finance. We want data protection to be as entrenched a part of culture at Skimlinks as any of our other values. To summarise our priority will be transparency and simplicity.
2. What's the biggest obstacle you're currently facing?
The adtech ecosystem is complicated with multiple stakeholders involved in one value chain. This makes it impossible for a single company to become GDPR compliant on its own. All stakeholders in the ad ecosystem have to act together and align the decisions we make. This has been the biggest obstacle for me. Ensuring clear communication between partners and customers, achieving alignment between all parties, and ensuring 100% compliance in our value chain is a challenge. The IAB Consent Framework has helped a lot, especially as it has given us a common language to use.
3. What has been your biggest learning over the last two years when it comes to GDPR implementation?
My biggest learning has been the high responsibility of adtech companies in the ecosystem. Whatever we do, we always have to think about keeping the balance between how the data is used and how the internet businesses are financed. It's not just about finding a path to legal compliance, it's also about being responsible and doing the right thing for end users.
4. How has the GDPR changed your company culture around data protection?
I was actually surprised how easy it was to adapt the culture in Skimlinks because it was already there, only waiting to take action. When I started the GDPR program, colleagues already knew a lot about GDPR. People understand they need to be cautious around the use of personal data and Skimlinks' employees have been keen to flag any concerns as we implement the program.
5. From your POV, what does/will the GDPR mean for our industry?
I think the biggest impact of GDPR is awareness. It will remind the industry about their responsibilities and also educate end users to be fellow auditors. Users will learn to distinguish between organisations doing the right thing and not, and may even start to reward the former.