+31 (0)43 30 88 400 | office@comex.eu
AVG: where does your customer data reside?
The right to oblivion in the AVG states that as a company or organization, you must be able to delete personal customer data. But where is that data? Were they also used for marketing purposes? What data does the call center have? Do you know anyway who you passed which customer data to?
Has everything been removed?
Remember that you backed up to the cloud. Often you don’t know where the data is. But even a backup on a tape has drawbacks, because loose data on a tape is not easy to find. You can only read back a tape in its entirety, so you can’t erase any loose data from a tape. And what about emails? That includes personal data, and many companies use a cloud service for mail, among other things. Delete a mail from your gmail once. Then are you sure everything has really been removed?
Local storage isn’t so crazy
Being aware of this responsibility is a first step. After that, it is a matter of execution. A certificate from your service provider/cloud service that the data has actually been deleted is one solution. Then you are not yet quite sure that it is indeed so, but you can at least shift the responsibility. Even better is to work locally, and then, of course, we like to talk about the Silent Bricks. It may sound like a step backward, but it is not. Given the bandwidth of the average Internet connection and cost of service from cloud providers, local is a great option. Data is quickly found, possibly deleted or copied. An additional benefit is that a backup is quickly restored in the event of a disaster.