Podcast: Play in new window | Download (Duration: 14:30 — 13.3MB)
Subscribe: Apple Podcasts | TuneIn | RSS
Here’s a terrifying thing I just learned: the average ecommerce website has 66 third-party tags on the page. That’s according to our podcast guest, Rui Ribeiro, CEO of Jscrambler. The tags, pixels and scripts control everything from the video to payment processing to the consent wall to the chat function. And, guess what: they may all be collecting user data, and, quite possibly, more data than they should.
So what’s a compliance officer to do, other than lose sleep over the issue? First, make sure there’s an inventory on all those tags, pixels and pieces of JavaScript running on your site and what data they are collecting. While you’re doing it, don’t just ask what’s being run at HQ. There may be regional variations.
Next, spend time with all the departments that touch the site to see what they truly need and that data isn’t being accessed without good reason.
Then change your thinking around GDPR. It’s not about just getting consent to collect data, it’s time to use it as a warning to focus on knowing who the data is being collected from and why.
Once you have that squarely in mind, you can find the right tools to control the data flow and ensure your organization and its third parties are only collecting essential data, not everything you can.