Imagine you had a mobile contract with an operator called ABC and decided to switch to a different provider called DEF because they offered a better deal. Even when your contract was terminated ABC still stores your private details (bank account information, address, date of birth, etc. etc.). Mostly this is the type of data you’d want to keep away from public access.
Now you can ask ABC to delete everything they have on you. This is your “Right to be forgotten”. This seems like an easy task for a corporation but in fact it’s a BIG CHALLENGE.
ABC has your personal data spread across their IT environment and duplicated over different departments. For example, they use it to bill you, to send mail, to identify you when you call in for support, to track your behavior and preferences and so on. Your data could be stored anywhere inside the company. It might take days or even weeks to find out where it is with no guarantee that all data was collected.
With new regulations ABC must deliver your Right in a limited time frame otherwise they can be fined up to 4% of their worldwide turnover. This regulation applies not only to mobile operators but to any company or government. It can be a grocery store, bank or a previous employer. It means that companies need to have some tool and procedure in place in order to comply and avoid penalties.
The INDICA GDPR Module is a tool that is able to identify your personal information across all IT systems within the company and provide information on its location and accessibility to different people, groups and (3rd-) parties. It creates a personal card, hence person responsible for private data can execute a deletion procedure.
The next logical question: does INDICA make information about you available for anyone within the company you referred to? The answer is very simply – no, it does not. Normally the solution has a single administrator and a limited number of users within the organizations. Together with this INDICA inherits access right policies set within IT systems, so a user will only find information he is allowed to see.
Keep in mind that your personal data is priceless. Be careful when giving it away and demand it back after an engagement is over.