How brands4friends stays secure and privacy compliant

There is no e-commerce without personal data 

Since taking effect in May 2018, the GDPR has reinforced the importance of data privacy for online marketplaces. And for e-commerce businesses, this represents an interesting challenge. Personal data forms the foundation of this business model: from marketing to order processing. A selection of figures from brands4friends demonstrates this: “We send out our newsletter to over one million users - daily. Add to this over 200,000 push notifications and additional marketing measures that we use to inform our members about current offers”, explains Torsten Wolf, CMO of brands4friends. 

Large-scale online marketing can increase risks 

brands4friends has around 3 million registered users. The company stores and uses the personal data of each and every user. As such, the company faces the constant scrutiny of data protection authorities and the public. “We are a well-known brand, but this in turn puts us in a highly exposed position due to our extensive online marketing processes”, explains Andreas Grimm, CHRO at brands4friends, “For us, it is crucial to get everything right and stay on the safe side when it comes to the protection of our customers’ data.” The company also faces above-average liability risks: as part of the Regent Group, which includes German fashion brand Escada, the revenue of the entire group would be impacted if calculating fines for a privacy breach.  

DataGuard’s compelling ‘all-in-one' package  

During the evaluation phase, stakeholders at brands4friends met with several service providers, querying key performance metrics and comparing different offerings. “DataGuard’s privacy experts answered every question we had quickly and competently. They personally convinced us and compared to other providers, offered the best overall package in terms of scope and transparency”, confirms Grimm.  

Spreading awareness and building in-house privacy expertise  

As mentioned previously, online training courses for the brands4friend’s 150 employees was a major requirement. Courses are now offered to all employees in a flexible and efficient way, with seamless documentation, via the DataGuard platform. “Training our team was critical for us”, explains Wolf, “because awareness about the importance of data privacy amongst all team members, together with an understanding of key issues in the handling of personal data, is vital for systematically preventing errors and GDPR infringements.”  

DataGuard Academy is optimised to provide exactly that. Employees can find comprehensive training courses together with up-to-date information and a downloadable whitepaper. “Demand is high: our team love using the platform without us having to instruct them to do so”, confirms Grimm. “We can also attribute that to the fact that we are a very digitally minded company, with prior experience using similar platforms.” 

Staying compliant is the most honest approach brands can take 

Within the team of brands4friends, DataGuard has boosted awareness for data privacy matters and brought expertise on GDPR-compliant processes for e-commerce: “Today, we can make sound decisions on data privacy compliant processes and realize our marketing efforts with the assurance that legal requirements are continuously met. This gives us a real sense of security”, confirms Wolf.  

The bonus? Whenever brands4friends has any questions or doubts, they no longer have to search for an answer themselves or seek help from external experts. DataGuard is their single point of contact for any privacy-related query. “Whenever we have questions about data privacy, we reach out to our external data protection officer. DataGuard responds quickly and competently and gives us clear recommendations for action that we can implement right away. That’s great”, says Grimm. What’s more, the teams can regularly exchange ideas and insights, keeping each other up to date and continuously improving processes in terms of privacy compliance.