We saw that in the Facebook Phone Number Database scandal that caused many users to leave the platform . What steps should you take? How do you find out if you are collecting or have collected PII? How do you delete this Phone Number Database data and how do you prevent storage of PII in the future? Go through the following 3 steps: 1. Detect Here you investigate whether you have collected PII. You do this by Phone Number Database investigating whether PII has ended up in all systems to which you send a page URL. These are, for example, Google Analytics, DV 360 and Facebook Ads Manager. In addition, you map out the reasons why this PII is collected on a website.
It is very important to Phone Number Database continue to do this periodically in order to be able to intervene as quickly as possible as soon as PII is collected (again). 2. Delete If you know that PII has indeed been collected, remove Phone Number Database it from all systems where it is stored. More importantly, getting rid of the root cause of this problem is by modifying the website so that PII no longer appears in Phone Number Database the URL. 3. Prevent In practice, it is impossible to always prevent PII from being collected (and thus be 100% GDPR/AVG-proof). There are many forms.
I think that as a company you Phone Number Database should at least be able to demonstrate that you have taken preventive (and reactive) measures. That is why it is good to start by researching which types of PII can be collected. Because many different types of data are classified as PII, it is highly company, industry and context dependent Phone Number Database which possible forms you may collect. Reduce the chance of collecting PII Do you collect email addresses or credit card numbers? With the right adjustments in Google Tag Manager it is possible to detect and overwrite PII before you send data to, for example, Google Analytics or DV 360.