The period of data storage is determind each time by the employer, taking into account the principle of limiting the storage of data from the GDPR – personal data should be processd until the purpose of processing exists. The employer should specify the retention period for data from mail monitoring or other forms of monitoring in internal data retention policies. In addition, the period of data storage should be informd in the work regulations (or notice) and the information clause.
Two sentences at the end of part
The loyalty program is not only about building lasting and positive relationships with customers, but also properly securing personal Latest Mailing Database data collectd for this purpose. In practice, designing a loyalty program that is safe in terms of personal data protection regulations is difficult and complicatd, but despite this inconvenience, entrepreneurs are very willing to use this form of advertising and promotion.
Law in our article available here
So how to build, step by step, an effective but also properly securd loyalty program compliant with the GDPR rules? Step one – assess BBB Org the risk In principle, the general clauses of the GDPR allow data controllers to fully and completely assess the risk relatd to the processing of personal data. It should be emphasizd that the risk assessment itself should take place at the time of designing the loyalty program process. Attention should also be paid to data protection implications and security arrangements.
