You searched for position paper showing 232 results.
The General Data Protection Regulation (GDPR)1 sets out changes to almost every area of customer data processing. Retailers with storefronts, websites, mobile apps or other digital platforms through which they serve customers face new compliance standards, additional administrative burdens and liability for violations, as well more stringent enforcement and penalties.
Since the GDPR is both industry-neutral and channel-neutral, there are no sector-specific rules about the use of customers’ personal data by retailers for various commercial purposes, whether online, on mobile apps, in physical store locations or omni-channel. Customers, however, expect retailers to process personal data responsibly and seamlessly when serving them. To meet these expectations, retailers must find appropriate methods for GDPR compliance that further their customer relationships and do not frustrate them.
With the GDPR taking full effect, there are still many questions about how the GDPR applies to critical areas of retail operations, such as: using customer data for improved service or promotional opportunities, managing customer information databases and loyalty programs, collecting customer consents, and honoring customer rights to erase, or port to a competitor, a customer’s personal data.
Retailers have a long history of nurturing customer relationships and meeting consumer expectations. The purpose of this document is to share this experience with GDPR stakeholders, including data protection authorities (DPAs), to facilitate retail-specific approaches to compliance that will meet the requirements of the GDPR while ensuring that retailers can continue to provide customers with the personalization, omni-channel experiences and seamless retail operations that they expect.Read more
Ahead of the 8 June TTE Council, we urge Member States to remain cautious in their examination of the draft ePrivacy Regulation (ePR). Limited progress has been achieved since the beginning of Council discussions early last year and many questions remain open. More time is needed to assess the ePR’s scope of application, its overlaps with the General Data Protection Regulation (GDPR) and its impact on all sectors of the economy.
The ePR proposal has departed from the laudable objective of protecting the confidentiality of communications and goes on instead to greatly limit the processing of a broad array of both personal and non-personal data. Rather than complementing the GDPR, the proposal replaces and contradicts many of the fundamental checks and balances of the EU’s data protection framework.Read more
On 11 April the European Commission proposed a set of measures revising some of the existing consumer protection rules and proposing targeted changes to Unfair Commercial Practice Directive (UCPD), Consumer Rights Directive (CRD), and Price Indication and Unfair Contract Terms directives.Read more