Meet compliance requirements for regional data privacy laws and a wide range of social networks by centralizing customer data in a single, end-to-end platform.
It’s Increasingly Difficult to Balance Personalization with Privacy
In today’s landscape of regional data protection and privacy laws, the compass of compliance can move unexpectedly and often, with new requirements such as the EU GDPR continually coming online. So, how can businesses with international customer bases stay compliant without running up massive infrastructure and development costs?
Centralize Customer Data Management and Command Compliance
Gigya enables our clients to centralize all management of customer data in a single, end-to-end solution. Our platform helps our clients effectively manage customer data privacy, with features that offer maximum flexibility for building user consent and control into every step of the customer journey, and support for meeting a wide range of regional privacy requirements.
Get ready for GDPR
Do you hear that ticking sound? We sure do. The EU’s General Data Protection Regulation (GDPR) will be enforced on May 25, 2018, and penalties for non-compliance are harsh. Do you have a plan? If not, download our CIAM GDPR Readiness Toolkit to start planning now.
Privacy and Compliance Features
User Data Control
Many regional data privacy laws stipulate that, at any point and for any reason, users must be able to autonomously export, delete, edit and freeze processing of their profile information. Gigya ensures that consumers remain in full control of their data, and make it possible for your business to store only data that is absolutely necessary to enable relevant application functionality.
Global businesses must meet requirements for obtaining verifiable consent from customers when collecting and using their personal data. Gigya’s self-service registration, login and profile management flows can be customized to communicate the specific data that will be collected from users and how it will be used for each context. This can include privacy notices, terms and conditions, marketing opt-in/out functions, account preferences, and the “right to be forgotten”, enabling digital strategies that respect customer privacy.
To help you meet proof of consent requirements, Gigya stores current terms of consent and individual identifiers for each user. Requirements for the minimum age of consent can also easily be met with our platform.
Data localization laws are becoming more prevalent every year. Gigya maintains data centers in multiple regions, including North America, Europe, Australia, Russia and China to help clients maintain compliance.
Gigya helps businesses stay in compliance with the current terms of service (TOS) of more than twenty-five social networks and identity providers (IdPs) around the globe. For example, if a customer revokes permissions for an app in their social profile it is automatically reflected in their Gigya-managed profile.
Gigya facilitates compliance with regional opt-in and opt-out laws and newsletter optimization by allowing clients to implement compliance on a per-region compliance for laws such as the Canada Anti-Spam Legislation (CASL), the U.S. CAN-SPAM Act and the EU Opt-in Directive.
Gigya helps our clients comply with Web Content Accessibility Guidelines (WCAG) and the Americans with Disabilities Act (ADA) with out-of-the-box workflows that allow visually-impaired users to navigate online processes using only their keyboards.
Gigya is compliant with the HIPAA Security Rule and HIPAA Privacy Rule, as well as HIPAA breach notification requirements. Gigya maintains a Business Associate Agreement (BAA) document for HIPAA-governed clients such as hospitals and doctor’s offices.