Data Protection in the Marketing Department
-
Repetition: Basics of Data Protection1 Topic|1 Quiz
-
Data Processing2 Topics|1 Quiz
-
Events and Trade Fairs3 Topics|1 Quiz
-
CRM Systems3 Topics|1 Quiz
-
Social Media2 Topics|1 Quiz
-
Tracking Services3 Topics|1 Quiz
-
Promotions and Competitions2 Topics|1 Quiz
-
Privacy Policy for the Website3 Topics|1 Quiz
-
Consent (Opt-In and Double-Opt-In)2 Topics|1 Quiz
-
Newsletter Marketing3 Topics|1 Quiz
Data Processing in practice – An example
The Muster Ltd would like to commission K Ltd, known for its expertise in market research, to conduct customer surveys. Before K Ltd can start with its surveys, Muster Ltd must first ask itself the following questions:
Does K Ltd need access to Muster Ltd’s customer
- Does K Ltd need access to Muster Ltd’s customer data?
- Does K Ltd process the customers’ data?
- Is this data personal data?
For all these questions, the answer is “yes“.
In order to be able to conduct customer surveys, K Ltd needs to know who Muster Ltd’s customers are.
Even if K Ltd conducts a supposedly anonymous survey, it should be noted that a survey is no longer anonymous but personalised as soon as it contains even one detail that allows conclusions to be drawn about the person surveyed. Not only name and date of birth are personal data, but also, for example, the IP address and the car registration number.
Consequently, a data processing agreement must be concluded with K Ltd. In this contract, K Ltd is obligated to, among other things,
- to process personal data exclusively within the framework of the agreements made and according to the instructions of Muster Ltd
- not to use the processing of the data provided for any other purposes, in particular not for its own purposes
- to strictly separate the data processed for Muster Ltd from other data stocks.