The General Data Protection Regulation (GDPR) will be implemented by May 2018 and will have a significant impact on how businesses will have to manage processes, people, and technical controls going forward.


What is GDPR?

The European Union (EU) introduced its data protection standard 20 years ago through the Data Protection Directive 95/46/EC. Because the EU requires each Member State to implement a Directive into national law, Europe ended up with a patchwork of different privacy laws. In addition, increasing security breaches, rapid technological developments, and globalization over the last 20 years has brought new challenges for the protection of personal data. In an effort to address this situation, EU developed the General Data Protection Regulation (GDPR), which is directly applicable as law across all member states.


Why GDPR matters to us and our customers?


Once effective, the GDPR will apply broadly to companies that are based both inside and outside the EU, and that collect and handle personal data from EU-based individuals. Personal data, also known as personal information or personally identifiable information in other parts of the world, is defined as any information relating to an individual that can be directly or indirectly identified, for example by reference to identifiers such as names, identification numbers, location data, online identifiers or to one or more factors specific to the individual’s physical, physiological, genetic, mental, economic, cultural or social identity.


With new and strengthened rights for individuals, accountability requirements for companies, and increased scrutiny by regulators, companies collecting and handling personal data in the EU, both offline and online (for example, involving e-commerce or online advertising activities), will need to consider and manage their data handling practices and use cases more carefully than ever before.


Oracle Marketing Cloud has created a GDPR resource center to help you get ready:

Oracle Marketing Cloud GDPR Resource Center


You can also find additional resources for the GDPR below:

Ready for GDPR? Oracle Marketing Cloud gets you there!

Oracle Marketing Cloud GDPR Topliners Page


As part of our commitment to help customers address GDPR requirements, the Oracle Marketing Cloud comes packaged with a robust set of built-in privacy and security features that puts marketers in control of the personal data they handle and helps them build consumer trust. These native capabilities span across the broader Oracle Marketing Cloud portfolio and can be grouped into the following categories:

  • Collecting Personal Data
    The Oracle Marketing Cloud enables marketers to capture personal data across many different channels. As part of these data capture processes, marketers have the ability to incorporate mechanisms that enables their customers to make informed decisions about the use of their personal data.  Whether someone is visiting your website, submitting a web-form, or even sharing personal data across social media channels, the Oracle Marketing Cloud provides controls that can be configured to meet specific business requirements.
  • Managing Personal Data
    As today’s businesses capture vast amounts of personal data, marketing teams require powerful tools that enable them to manage data at scale. The Oracle Marketing Cloud provides a comprehensive portfolio of features that makes it easy for marketers and customers to manage personal data. This includes the ability for marketers and customers to update personal data on request, as well as to securely transfer personal data at scale leveraging modern API’s and SFTP mechanisms.
  • Protecting Personal Data
    Businesses hold a responsibility to secure personal data to protect the integrity of their customers. Native to Oracle’s core business, the Oracle Marketing Cloud provides state of the art data security mechanisms and controls derived from ‘privacy by design and privacy by default’ principles. These include capabilities like encryption, anonymization, and more to protect personal data at the highest possible standard as well granular access controls that enables organizations to distinguish which individuals or groups should have access to personal data.


Learn more: GDPR for Marketers Whitepaper