Case Studies—IREI – GDPR Compliance
Setting IREI up to be Compliant with GDPR Regulations
IREI came to update their website design, features, functionality and marketing integrations. We worked with key stakeholders to design a great user experience for their customers and a robust, but easily manageable WordPress CMS for their team.
The site includes a custom publication and subscription e-commerce system that allows customers to digest publications, issues and articles as they choose.
www.irei.com- Services Provided:
- Web Design & Development
Challenge:
- 01. The website must require explicit consent at every touchpoint a user can submit data.
- 02. The administrator must be able to perform a number of actions with the new consent requirements, including: tracking when and where a user was requested to grant consent associated to their account, removing all user account data, and exporting all user account data.
- 03. Administrators and users must have the ability to download and erase user data.
- 04. EU ePrivacy Regulation requires consent for any cookies placed on the site which are collecting user data. These should not be placed until a user has explicitly granted consent for this.
- 05. Create a much more granular consent structure to all of the emails, changing the number of options from 5 to almost 30 different options for email subscriptions. In addition the data needed to remain in sync with Salesforce and Marketo.
Solution:
Our team worked closely with IREI to update the system for GDPR compliance. We performed an audit on their system to see what steps needed to be taken to meet all necessary requirements.
Following GDPR digital marketing documentation, we were able to build a solution for visitors, customers, and administrators. Our system was built within the WordPress CMS, allowing administrators to manage all settings.
01.
Privacy Consent
Implemented a privacy consent checkbox at all touchpoints throughout the site including registration, contact forms, news alert sign-up, account management and e-commerce.
02.
Consent Management and Audit Tools for Administrators
A new WordPress GDPR tool was implemented which allows the ability to track when a user has given consent within an admin audit tool. In addition within that administrative panel, they can download, erase and export any users data.
03.
Consent and Data Management for Users
Using the same WordPress GDPR plugin we have implemented two new features in the my account section which allow a user to both download and erase the data associated with their account.
04.
Cookie Consent
We implemented a new piece of consistent UI at the bottom of the screen which allows a user to grant consent at any point of their experience. In addition logic was implemented to ensure that these cookies will not be placed until the user has consented. For logged in users, this consent record is accessible within the GDPR audit tools.
05.
Email Privacy Preferences Management
A new preferences panel was built in partnership with one of our clients vendors. The solution was created which allowed the data to be directly retrieved and stored to Marketo create zero margin for error, and eliminating the current administrative tasks for email subscriptions entirely.
The preferences were strategically and seamlessly integrated throughout the website registration and account management forms creating the most optimal user experience possible.
Results:
Cog1 was able to delivera and deploy all new features to meet GDPR and EU data compliance requirements prior to the May 25th 2018 deadline.
The IREI team was pleased to know that their system is now up to date with all essential GDPR compliance features to handle user data.
We continue to maintain the IREI website including all features related to GDPR compliance.
- GDPR DeadlineDelivered & Deployed prior to GDPR May 25 Deadline
- EU Data CompliantFully compliant with EU Data Privacy Regulation
- ePrivacy CompliantFully compliant with EU ePrivacy Regulation