With the EU's GDPR just over a month away from coming into action, many brands are double-checking their data policies and levels of compliance. With that in mind, mParticle, AppsFlyer, Braze (formerly Appboy) and Amplitude have announced the launch of OpenGDPR, an initiative aimed at establishing a common framework for compliance with GDPR mandated data subject rights.
The OpenGDPR framework presents a public API specification along with a recommended set of best practices for implementing and maintaining a connected and compliant stack. The four firms are hoping that by adopting OpenGDPR, they can help brands reliably address data subject requests across their partner ecosystems in near real-time.
GDPR states that brands, as controllers of personal data, will need to be able to address requests for access, portability and erasure within the required timeframe of one month, or risk significant fines. With companies potentially facing thousands or even millions of these requests, all of which must be managed across multiple data storage systems, it is a daunting task.
OpenGDPR aims to provide a common framework for brands and their technology partners to communicate and manage GDPR requests around data subject rights. For brands, OpenGDPR aims to make data subject request management more efficient and reliable thanks to increased interoperability across their technology stack.
"With GDPR less than 90 dats away, it's crucial for brands to not only have their own policies and processes in place to ensure compliance, but feel secure knowing their partners do as well," said Michael Katz, CEO and co-founder of mParticle. "GDPR compliance is simply too important to leave to chance and until now there was no best practice set on how to honour data subject rights. Brands who work with technology companies that are part of the OpenGDPR initiative can be confident that best-in-class GDPR solutions are being deployed on their behalf."