COMPLIANCE

Image

COMPLIANCE

Image
Image

Data On-Boarding

Data On-Boarding

OBWIN navigates administrators through a straightforward yet comprehensive on-boarding process up-to-date with current contact campaigning governance through the Information Commissioner and Ofcom in the UK.  

Our design has engineered compliance from a blank canvas perspective. OBWIN successfully accommodates the major process steps of revised regulation including functions which are fully integrated to the platform and cover requirements such as;

Capture Client level information as Data Controller and/or 3rd Party level as Data Processor to complete and store this information to meet internal (for Breach handling or Subject Access Request) or external audit requirements of GDPR regulation.
OBWIN hosts a DPIA template which allows administrators to capture and store risk information and demonstrate their consideration of the protection of personal data.
For ‘next-level-assessment’, OBWIN also captures the decision deck for all Legal Basis of processing including Contract, Consent and Legitimate Interest in the context of the campaign.
Differentiate between campaigns conducted for Direct Marketing and other contact reasons – and the necessary material (including short-form and/or plain English) to ensure GDPR compliance, particularly (though not exclusively) to support Consent or Legitimate Interest format campaigns.

With regulatory data captured by default at campaign set-up stage, OBWIN is designed to display this information with high-visibility to call-agents. Our aim is for users to resolve Subject Access Requests (SAR) where they first occur – i.e. at the point of initial exchange. OBWIN aims to ensure a modest yet efficient SAR fulfilment process at early points in process.

For consent campaigning, data-sets will have either a ‘one-to-many’ or ‘one-to-one’ consent detail.  Through an engineered data on-boarding process, administrators are prompted to select which consent type is available at what channel level – i.e. consent for; email, telephone, SMS, post.
To respond to compliance requests, all campaign set-up information (target GDPR provisions including Legal Reason, DPIA, Privacy Statement, Consents etc) are permanently and securely stored for future internal or compliance audit purposes.
Profiling using aggregated non-personal data nevertheless improves outcomes at a data-subject level. That is, the OBWIN profiling processing algorithm improves the relevance match between the client organisation and its prospect – and therefore improves the performance of ‘matching’ the required service to the demand
Capture Client level information as Data Controller and/or 3rd Party level as Data Processor to complete and store this information to meet internal (for Breach handling or Subject Access Request) or external audit requirements of GDPR regulation.
OBWIN hosts a DPIA template which allows administrators to capture and store risk information and demonstrate their consideration of the protection of personal data.
For ‘next-level-assessment’, OBWIN also captures the decision deck for all Legal Basis of processing including Contract, Consent and Legitimate Interest in the context of the campaign.
Differentiate between campaigns conducted for Direct Marketing and other contact reasons – and the necessary material (including short-form and/or plain English) to ensure GDPR compliance, particularly (though not exclusively) to support Consent or Legitimate Interest format campaigns.

With regulatory data captured by default at campaign set-up stage, OBWIN is designed to display this information with high-visibility to call-agents. Our aim is for users to resolve Subject Access Requests (SAR) where they first occur – i.e. at the point of initial exchange. OBWIN aims to ensure a modest yet efficient SAR fulfilment process at early points in process.

For consent campaigning, data-sets will have either a ‘one-to-many’ or ‘one-to-one’ consent detail.  Through an engineered data on-boarding process, administrators are prompted to select which consent type is available at what channel level – i.e. consent for; email, telephone, SMS, post.
To respond to compliance requests, all campaign set-up information (target GDPR provisions including Legal Reason, DPIA, Privacy Statement, Consents etc) are permanently and securely stored for future internal or compliance audit purposes.
Profiling using aggregated non-personal data nevertheless improves outcomes at a data-subject level. That is, the OBWIN profiling processing algorithm improves the relevance match between the client organisation and its prospect – and therefore improves the performance of ‘matching’ the required service to the demand

OBWIN achieves the highest-level of design to meet regulatory standards in an effective yet nimble toolkit approach – allowing business to quickly navigate compliance interfaces with straightforward design solutions built for real campaigning.

Our compliance design is neither ‘peripheral’ nor ‘retrospective’ - achieved through an entirely blank canvas design on each point of regulation; GDPR, PECR, ePrivacy and also compliant to Ofcom telephony regulation.  OBWIN provides an effective response to many small restrictions which in too many cases make compliance considerations the tipping point of running an outreach campaign.