GDPR enactment is here. Is your ORM Program ready?
When the General Data Protection Regulation takes effect 25 May 2018, your current Reputation Management solution may become illegal.
I’ve received a lot of inquiries about the Regulation’s effects on authentic customer feedback. I’ve written this article to cover the Top 5 Disruptions I see as CEO of eKomi, Europe’s premier all-in-one provider of Customer Experience, Market Research and Reputation Management solutions.
To read GDPR in its entirety, click here.
****
- Privacy Policies
If you collect, manage, moderate and market customer feedback through a platform like eKomi, that platform is your Data Processor. According to GDPR, every company must mention their data processing activities in their Privacy Policy, explain how they protects customers’ data and why they shared it with a Data Processor in the first place.
- Employee Reviews
Recently, a Forbes article exposing the unethical practice of so-called “confidential” employer surveys went viral. In the world of GDPR, defrauding employees, mishandling employee data and unfairly compensating employees deserve more than a slap on the wrist.
However, GDPR leaves open what exactly those rules (and punishments) will be. According to Article 88, “Processing in the context of employment”:
Member States may, by law or by collective agreements, provide for more specific rules to ensure the protection of the rights and freedoms in respect of the processing of employees’ personal data in the employment context.
- Data Protection
Article 23 states that GDPR-compliant consumer data protection must be designed into the Reputation Management software itself. Unless your development team began the process with GDPR privacy settings in mind, your solution may be illegal before it’s even complete.
- Third Parties Surrender Their Power
According to a report by the European Union Agency for Network and Information Security, GDPR-compliant Online Reputation Management (ORM) solutions must carry out encryption and decryption operations locally so that both sets of keys remain in the power of the data owner, not the third party reviews processor.
At eKomi, we’ve circumvented this problem entirely. Our solution deploys directly onto a company’s infrastructure, keeping customers’ data in customers’ hands.
- Build on the Blockchain
In the past two years, dozens of feedback management companies have released Blockchain-based tools to collect, verify and store reviewer data. With very few exceptions, GDPR brings that trend to a halt. So why does Blockchain still matter?
Because eKomi is one of the exceptions.
Our solution to the GDPR-Blockchain problem is a very simple one: the Trusted Profile, a Blockchain-based reviewer profile that stores purchase and feedback data. The eKomi platform stores each Trusted Profile’s sensitive data off-chain but keeps a reference to the Profile along with a hash on the Blockchain. In keeping with Disruption #4 above, eKomi protects data privacy by allowing only Trusted Profile owners to determine who can view their Profiles.
If you want to clear up every remaining GDPR-Feedback Management question you have in one conversation, reach out to me directly. I’m happy to help you get GDPR-ready as quickly and cost-effectively as possible.
By Michael Ambros, CEO and Founder of eKomi
English 
German