As GDPR’s One Year Anniversary Approaches, Adobe Announces GDPR Validation from TrustArc
by Alisa Bergman
posted on 05-14-2019
As we approach the one-year anniversary of the General Data Protection Regulation (GPDR), a retrospective look at the past year and a look ahead to the future seems fitting. One thing is abundantly clear: GDPR has had an incredible impact on bringing privacy and data protection issues to the forefront. This four-letter acronym is much talked about in board rooms, front page news, sparking legislative and regulatory activity and debate globally, and is top-of-mind for consumers. Privacy is not only having a moment, it’s something that is here to stay.
Building on Adobe’s heritage of certified security controls (e.g., SOC2, ISO 27001 etc.) and beyond, as well as our privacy-by-design foundation, we wanted to appropriately mark this GDPR milestone. So, we teamed up with TrustArc, which has a rich history of helping companies demonstrate compliance, to independently verify our GDPR readiness for various offerings within the Adobe Experience Cloud. We are very proud of this announcement and the work behind it, and look forward to continuing to be a trusted provider for our enterprise customers when it comes to powering digital transformations.
At Adobe, we put our enterprise customers’ needs at the center of the privacy equation, always striving to see around the corner by both listening to and anticipating our customers’ needs when it comes to privacy. We have been hard at work launching and iterating on new tools and technologies to enable our customers to power their digital transformations in privacy-friendly ways that support transparency and trust-building along with user-choice and control. Working with TrustArc, we are taking the added step of obtaining their validation to provide additional confidence in our readiness for the customers, clients, and partners that we’re fortunate to support.
Many companies are seeking ways to benchmark and communicate their GDPR readiness efforts right now while they await future GDPR certification programs and codes of conduct under GDPR. Today, we are proud to announce that TrustArc has reviewed and successfully validated Adobe’s Marketing Cloud, Advertising Cloud, and Analytics Cloud products against the TRUSTe GDPR Privacy Practices Compliance Validation Requirements. Notably, Adobe is the first large company in the digital experience space to receive this validation – highlighting our commitment to GDPR-readiness.
TrustArc CEO Chris Babel said, “We believe a strong privacy management program is critical for companies to build and maintain customer trust and to help ensure compliance and accountability. Adobe has successfully demonstrated that three of its cloud products meet the applicable requirements of the EU General Data Protection Regulation (GDPR) based on our GDPR Privacy Practices Compliance Validation Requirements.”
The privacy landscape is quickly evolving with new guidance emerging from regulators, technological solutions and business models. At Adobe, we think the best way to stay ready in this changing environment is to:
- Focus on building “privacy-by-design” even deeper into the product development processes and company culture. Rather than looking at GDPR as a one-time compliance project, let it be the foundation for a sustainable privacy/data protection program for data lifecycle management and governance.
- Take a user-centric approach, something we call “experiential privacy.” This aligns with key privacy principles of transparency, fairness, choice, and control.
Both in the lead up to GDPR and over the past year, we’ve worked hard to continue building on our strong privacy foundation. We’ve spent time working with our enterprise customers to understand their privacy needs when it comes to our offerings, in the form of new products, services, documentation, and agreements. We launched services like our GDPR API, GDPR UI and GDPR ID retrieval tag. We are busy scaling and re-calibrating these tools to address emerging global requirements, in addition to the governance capabilities we offer our customers, all of which are now part of what we are calling our Privacy Core Services.
As we continue to navigate the ever-changing privacy landscape, listening to our customers and working with trusted companies like TrustArc has proven to be invaluable. We look forward to the road ahead and to traveling with you on the shared privacy journey.