« Back to Blog

Multinational Consumer Goods Corp Leverages Compliance Sheriff for GDPR

A multinational consumer goods corporation with more than 60 brands in its portfolio each with its own digital properties is using Compliance Sheriff to support GDPR compliance. The corporation wanted a fully automated solution to check where it was collecting user information online and on mobile. With this information, the corporation could then apply the appropriate data protection requirements to ensure GDPR compliance.

Compliance Sheriff Helps Achieve GDPR Compliance

With over 250 global web properties, this corporation required a solution to apply a systemized process against its set policies to help achieve GDPR compliance. Already an existing Compliance Sheriff company, this organization leverages pre-defined and custom policies (checkpoints) to identify what web properties are collecting personally identifiable information (PII).

Where data is collected across web properties, Compliance Sheriff checks that corporate privacy policies such as data access, collection and storage are being applied. This fully automated process includes checking that there is a website age checker, confirming that there are legal statements present on the pages collecting PII or that plain text is available. The checkpoints go beyond the public facing checkpoints. If a web property is collecting data, the compliance team can then manually check if the PI is being stored correctly. Those manual findings are then uploaded to Compliance Sheriff that can generate a full report of what web properties require more work. The compliance team can also review what level of risk exists and where immediate attention is needed.

About GDPR

Scheduled to take effect in May 2018, GDPR’s purpose is to strengthen and unify data protection standards for all EU individuals by:

  • Empowering EU citizens by giving them control of their personal information.
  • Classifying how EU citizens’ personal data should be protected and exported outside EU member states.
  • Simplifying the regulatory environment for international businesses by unifying the data privacy regulations.

Organizations need to understand the data they have access to, how they use it, and track and monitor the controls they have in place as part of their overall GDPR compliance requirements.

Compliance Sheriff provides control, consistency and visibility for GDPR. It checks all web content against privacy checkpoints to ensure compliance with GDPR.

Benefits of Compliance Sheriff

This corporation uses Compliance Sheriff to deliver an automated process across its web properties to support GDPR compliance – all without missing any pages. To manually review 250 web properties and all the associated single web pages would be impossible. This automated process provides control, consistency and visibility.

Control

Check all web content for compliance so that every content contributor is held to the same standards.
• Dynamic web content, scripted and contextual
• Mobile web content, viewed in any place, in any way
• All web content, in any browser, on any device

Consistency

Ensure all web content meets regulations and standards.
• Leverage Compliance Sheriff’s regulatory and best-practice rules
• Conform to accessibility standards
• Create bespoke checkpoints against corporate policies
• Drive user satisfaction throughout across all web assets

Visibility

Monitor and report on compliance across departments.
• Correct problems before pages go live
• Group reports and view departmental summaries
• Identify hotspots needing immediate attention.
• Demonstrate improvement by reporting trends over time.

Learn more about how Compliance Sheriff addresses GDPR rights of data subjects by identifying where data is collected and how it ensures accessibility.

Cyxtera and GPPR

Cyxtera also offers solutions to secure systems flagged by Compliance Sheriff. Cyxtera AppGate SDP secures networks with a Software-Defined Perimeter—a network security model that dynamically creates one-to-one network connections between the user and the resources they access. AppGate SDP addresses article 32 of GDPR.