Across the last two blogs we’ve taken a look at some of the key articles within GDPR. Article 15, 16 and 17 or ‘right to access’, ‘right to rectification’ and ‘right to erasure’, and Article 18, 19 and 25 – ‘right to restriction’, ‘notification obligation’ and ‘data protection by design’. 

Now you have a better understanding of what GDPR is and who it applies to (any business on the planet that collects data on EU citizens), it’s now time for you to gauge how ready you are to comply for when it comes into force on 25th May by following some simple steps.

Review your current data position

Businesses should assess all customer data that exists within the firm in order to better understand how exactly it is used and the processes in place to manage it. If there is data which doesn’t serve a functional purpose, holding onto it may create more issues than it’s worth. It should be minimised or deleted entirely. 

Put a team together

You should create a GDPR taskforce who will take charge of getting the business ready for GDPR. Any changes to processes must be documented, another of the law’s requirements. The size of team required will be determined by the scope of your company but it must be led from a senior level and contain experts on the law and the business’ data processes.

Time to appoint a Data Protection Officer

You need to choose a point person to take overall responsibility. Appointing a DPO is a necessity if you: 

  1. Are a public body (excluding courts acting in their judicial capacity)
  2. Carry out large scale systematic monitoring of individuals
  3. Carry out large scale processing of specialist categories of data, or data relating to criminal convictions and offenses

Even for organisations outside of this scope, it still makes sense to have someone tasked with leading ongoing efforts. They should report straight into senior management and stay abreast of any evolution in the requirements to ensure they are reflected in the business’ processes.

Update your privacy policies

GDPR was developed to increase transparency, so make sure your policies reflect this. Data privacy must be at the heart of all policies, including the ones you have with your suppliers. GDPR takes a ‘shared responsibility’ approach, which means that you will be held accountable for their actions too. Make sure your third-party network prioritises data privacy to the same standard that you do, as ignorance is no longer an excuse.

Get technical with data protection

You must make sure that customer data is secured using multiple cybersecurity measures – using too few will be viewed as non-compliance. One technology that is specifically mentioned in GDPR’s wording is ‘encryption’. When data is encrypted, the risk of it being accessed by outsiders is greatly reduced so regulators actively encourage its use.

Tell everyone that you’re putting privacy first

Implementing the relevant changes will only be successful if employees know their own responsibilities and how they can help to ensure the company remains compliant. They need to be fully informed and engaged in the process.

Similarly, customers are looking for peace of mind that their personal information is in safe hands. Providing a sense of ease can be a competitive advantage and help to attract new customers.

Plan for further communications

GDPR has been developed for a data-driven and agile world, so you should be prepared for the regulation to evolve as demands change. Create policies in such a way that makes them easy to update and be prepared to regularly inform stakeholders on any amendments you make.

For further information on GDPR, download our guide

Related Resources

customer communication report card

Customer communication report card

Optimising your customer communication process can not only improve your relationship with your clients or customers but have a significant impact on your operations and internal...

flex ccm cx customer experience

Inspire Flex Datasheet

Inspire Flex enables organizations to create and deliver personalized, compliant customer communications across all channels, from one centralized CCM platform driving exceptional CX.
ccm cx customer communications

Inspire Flex: customer communications for a digital-first future

Learn how our industry-leading customer communications management (CCM) solution, Inspire Flex, empowers, elevates and accelerates your digital transformation for exceptional CX.
video highlight

What's new: R15 in 15

Get a quick look at the most exciting features of our latest Inspire Flex release and how it powers customer experience (CX) built for a digital-first world.


A rich history of world-class leadership

Backed by the experts

Backed by the experts

Gartner, Forrester, and Aspire



8 billion personalized experiences annually

Proven results

Proven results

97% customer satisfaction rate