GDPR: Why a top advertising firm built a new data pipeline
This global data connectivity platform takes privacy and data governance very seriously.
When they investigated the implications of their current data governance strategy, they realized that a new solution was necessary.
Finding a solution early meant that they were able to adapt to increasingly strict data governance legislation without sacrificing the depth of insight into user behavior that their data provides.
The central issue was how to stay compliant with GDPR when their existing data infrastructure consisted of a single pipeline to process both US and EU data.
GDPR requires the personal data of EU citizens to be processed in a country with comparable data laws unless explicit consent is obtained, detailing who can access an individual’s PII and the purposes for which it might be used.
This was formerly permitted through the Privacy Shield framework, but this no longer covers EU-US data transfers.
Get started on your journey
Based on the advice of their Compliance Officer, the data connectivity platform decided to separate data based on geographic origin, adopting an additional EU Snowplow pipeline for measurement instances in Europe.
The objective was to comply with GDPR by respecting data sovereignty.
The firm now has one pipeline based in the USA and another in preparation for Europe.