Jornada sobre Soluciones prácticas para el cumplimiento del RGPD

Technology facilitates customer consent

Rafael Tripero, CEO of MailTecK, pointed out at the conference sponsored yesterday by this company that the General Data Protection Regulation, which comes into force throughout Europe in May, radically changes insurers’ communications with their customers, and that user consent for the use of their personal data is key in this process.

Mario Embid, of Ecix Group, explained that the customer’s consent must be “free, specific, informed and unequivocal” and that each new purpose of the use of personal data requires the corresponding acceptance by the user. The company, or its data protection officer, must be able to demonstrate the existence of such consent at all times.

The most controversial issue, according to this lawyer and also for MailTecK experts, is “legitimate interest”. By means of this, the customer’s consent is excluded for the use of his personal data in the offer of products and services of the company itself, which are similar to those that were initially contracted. Embid stressed the difficulty of determining similarity and specified that legitimate interest does not include the sending of advertising or commercial proposals from companies of the same group.

Javier Echevarría, CEO of Mailteck & Customer Comms, indicated that the Data Protection Agency understands that the sending of commercial communications can be covered by legitimate interest when it occurs by non-electronic means, the interested party is a customer of the entity at the time of sending and the products and services offered are specific to the entity and similar to those previously contracted by the user. In any case, he specified that “the legitimate interest must be communicated to the client”.

Echevarría, together with Moisés Fimat, senior consultant, and Francisco Marina, pre-sales consultant, conducted a demonstration of MailConsent, a technology that enables the practical management of the complete consent cycle through multichannel communications. This platform facilitates obtaining customer consent and exercising access rights for the use of their personal data, as well as the communication of a security breach (Data Breach), allowing compliance with the regulation “in a quick and easy way”.

To conclude, Echevarría sent a message of reassurance about the regulations: “There are still two months to go, there is still time to be perfectly prepared”.

BDS Editor. INESE. 15-02-18 “Bds special Insurance Week 2018 – Thursday, Feb. 15”