"As a digital marketer, you may need to prepare for compliance with the European Union's General Data Protection Regulation (GDPR) by May 2018. The GDPR is intended to strengthen and unify data protection for all individuals within the European Union (EU) or European Economic Area (EEA), and it has repercussions for how you process and transfer out of the EU/EEA personally identifiable information (PII).
As this paper summarizes, the GDPR asks you to recognize and respect each of your end customer’s data contribution to your business. The key to complying with evolving global data privacy regulations, including the GDPR, is transparency and accessibility. The Sitecore® Experience Platform™ (XP) can provide a consolidated view on the totality of every interaction your end customers have with your brand, accessible in one place, and can provide you a full, granular audit trail of what, where, how, and when you collected and stored all end-customer-related data, down to the individual level. Since Sitecore XP is an extensible framework, it’s important to know that GDPR compliance may require changes to existing Sitecore XP implementations, which can only be determined through your own assessment of any PII you may have gathered and processed, or intend to gather and process, as a result of your implementation.
We’ve created this document to summarize how features in Sitecore XP support your compliance efforts. The guidance we’ve outlined applies to Sitecore XP 9, though some of the principles and features may apply to XP 8.2 and other previous Sitecore product versions as well. This guidance should not be construed or used as legal advice about the content, interpretation, or application of any law, regulation, or regulatory guideline. You, the customer, will always be in the best position to assess your own risks, and must seek your own legal counsel to understand the applicability of any law or regulation to your business, including processing of PII, whether you collect and process it independently or through using any vendor’s products or services."