GDPR: Frequently Asked Questions
Interview by Holly Callender, Junior Content Manager
We sat down with Webtrekk’s Data Protection Officer, Alexander Krull, to answer Frequently Asked Questions about GDPR.
Q. What do you think about the GDPR?
A. A lot of clients ask me this – I'm actually looking forward to it. It is a good decision to define general European rules for data protection and privacy related topics.
Q. What will the three biggest impacts ?
A. I don’t expect many impacts, but there are a few. The biggest impact is the technical stuff needing changed, an addition being documentation. At Webtrekk we document and explain everything to show what we are doing to be data privacy proven. In the past few years we have had competition from American and Asian companies. To be strong in the market, it helps to be GDPR compliant.
Q. To be compliant, should companies use less data?
A. Now clients think it is necessary to use less data but I don’t agree. Former German rules were very specific with what you can and cannot do with data, and what type of data you can use. In comparison, the GDPR is generous – you can use more information, even Personal Identifiable Information.
However, for other European countries, the new Regulation data rules are much stronger. Germany is the exception.
Q. Does the GDPR give the user control of their data?
A. Now, the end user can influence companies on how they use their data. Past German law had legislation on how a user can force deletion or changing of data but now it is written into the GDPR, giving European end users control.
Q. Will the Regulation affect ad blocker usage?
A. The main change is now the browser takes over ad blocker functionality. If we have a proven general technology usable on all online services, ad blockers are not needed to decide when and how often companies track data. That’s a huge thing we have now in the GDPR and hopefully in the ePrivacy directive too.
Q. What are the benefits?
A. There are two sides to the benefits. One big benefit for our clients is that they can use more data. Another is the competition benefit. If I am a business looking for a solution, I can trust every GDPR compliant data company, no question about it.
The end users benefit as they now have more control of their data. In the past there would be a website banner about cookie use, and very often that meant 30 or 40 cookies users had little information about. With future technologies and ePrivacy rules, end users will know which companies to trust.
Q. Is it easier for German companies to become compliant?
A. Yes, because the GDPR is closely related to our former German privacy law. In the past, it was necessary to change or delete data if a client or end user asked. Plus, we had the now necessary documentation and transparency. However, this is all very new for many European companies.
Q. Is Webtrekk GDPR ready?
A. Already when Webtrekk was established over 13 years ago, one of our first steps was showing our clients and web users we were compliant with web privacy rules. In preparation of GDPR, we went through further data privacy certification processes - this proves we are definitely compliant with the Regulation. In a nutshell: We are a well prepared company and we have certificates proving we are GDPR ready.
Q. Do I need an opt-in for Webtrekk?
A. No! We recommend first-party track domain and data collection. There is no opt-in requirement for first-party data collection for analytics purposes.
Q. What is the most difficult part in becoming GDPR compliant?
A. The most complicated part may be setting up the technical basis. It is difficult and a high investment for smaller clients. In the past it was easier – you just had the server where client data was kept and very often this server stood directly in the company.
It is good thing for data controller processor agreements, as they work with the data as defined and have a contractual situation based on the GDPR. This opens possibilities for the digital market, and especially for technology providers like Webtrekk.
The GDPR is necessary, but should not be feared — especially in Germany. Let's break it down.
This blog post looks at some actual GDPR text to see exactly what is (and isn't) about to change. Read it now.