April 12, 2018

The EU’s General Data Protection Regulation (GDPR) states that brands, which are controllers of personal data, will need to be able to address requests for access, portability, and erasure within the required timeframe of one month–or risk significant fines. Companies could potentially be faced with thousands–or even millions–of these requests. In turn, each request requires those companies to take action across multiple systems that process and store an individual’s personal data.

OpenGDPR provides a common framework for brands and their technology partners to communicate and manage GDPR requests around data subject rights, including but not limited to data access, portability, and erasure. For brands, OpenGDPR will make data subject request management a more efficient and reliable process due to the increased interoperability across their technology stack. For technology companies, it will ensure they are prepared to handle requests with minimal custom development efforts.

“With GDPR less than 90 days away, it’s crucial for brands to not only have their own policies and processes in place to ensure compliance, but feel secure knowing their partners do as well. GDPR compliance is simply too important to leave to chance and until now there was no best practice set on how to honor data subject rights,” said Michael Katz, CEO and co-founder of mParticle. “Brands who work with technology companies that are part of the OpenGDPR initiative can be confident that best-in-class GDPR solutions are being deployed on their behalf. ”

“As the global leader in mobile attribution, we understand the importance of data privacy, and hold ourselves, our partners and our customers to the highest possible standards,” said Oren Kaniel, CEO and Co-founder of AppsFlyer. “We are committed to empowering marketers and businesses on their path towards GDPR compliance, and the OpenGDPR initiative creates a framework designed to help the entire ecosystem further embrace and navigate data subject requests in a post-GDPR world.”

“At Braze (formerly Appboy), we are committed to ensuring ongoing compliance with GDPR. We have an extensive program in place for compliance with data processor and controller obligations under GDPR, all of which are embedded in our partner ecosystem, our platform, and our support for the OpenGDPR framework,” said Bill Magnuson CEO & Cofounder of Braze (formerly Appboy). “Security and privacy protections are never finished—they’re always ongoing. Braze always has been, and will continue to be, good stewards of our clients’ data, keeping trust and transparency at our core.”

“Amplitude cares deeply about helping digital businesses easily maintain customer data privacy for their product analytics,” said Spenser Skates, CEO of Amplitude. “We are excited to launch the OpenGDPR initiative so the whole ecosystem can access an interoperable framework to ensure that privacy is a foundation of the modern product stack.”

OpenGDPR will continue to bring industry-wide standards and best practices to the market over the course of 2018 and beyond. Technology companies who would like to support and become a part of OpenGDPR should visit opengdpr.org.