Data Match for the GDPR
From May 2018, data subjects have far greater individual’s rights and control over the way in which your business stores and uses their personal data.
The ICO requires you to respond quickly and effectively to requests from individuals about their personal data - you must respond to a Data Subject Access Request (DSAR) within 30 days, free of charge. Here is an overview of an individual’s rights under the GDPR:
To fulfil the individual’s rights under the GDPR, your business must:
- Provide individuals access to data held on them upon request, without delay (Article 15)
- Provide individuals with the ability to have data about them rectified upon request, without undue delay (Article 16)
- Erase personal data held on individuals where certain grounds apply, without undue delay (Article 17)
- Restrict the processing of personal data held on individuals in some circumstances without delay (Articles 18 & 21)
- Transfer personal data held on individuals under certain circumstances upon request (Article 20)
A solid understanding of how your company fulfils individual rights and services access requests is an important element of GDPR compliance. Without a single, consistent view of all your customer data, it is much harder to locate and respond to data subject access requests with any confidence and meet these GDPR requirements.
Our approach to data match
Utilising a unique combination of linking, matching, and data management tools and services, we can deliver a consistent, single view of each of your existing individual data subjects with access via a single tool.
For consumer data, our simple and sophisticated solution, ExPin, uses billions of reference data points to create a unique match key for each individual which can then be used to verify and match disparate data records. This process allows you to create a single customer view and get to know your customers better.
Once you accurately understand how many individuals you have in your database and who they are, you will be able to respond more quickly and effectively to any data subject access requests from your customers in line with the requirements for the GDPR in addition to understanding the value of each customer to your business.