Why we developed PrivacyOS

It all started in 2016, after more than 15 years of developing software for profiling and behavioural analysis in the digital marketing industry.
We were (are) experts in the ‘exploiting’ of personal data for business and when we first got into the GDPR we fell from our chairs: everything we and our clients were doing was in the Authority’s sights.

We looked for a solution that would protect us but we didn’t find it, so we did what we do best: we designed and developed it in-house with the support of our biggest clients’ law firms.

In January 2018, after 6 months of analysis and more than a year of development, we presented PrivacyOS to the world we didn’t know how to tell about it: it wasn’t a CRM even though it dealt with managing the relationship between the company and its customers, it wasn’t an ERP even though it managed and stored a lot of information, it served marketing but didn’t do marketing…We had developed the first solution of a totally new market that we called Cyber Data Protection.

To this day, PrivacyOS remains the best Cyber Data Protection solution for consent management in outsourcing.

Why choosing outsourcing instead of in-house solutions for consent management?

Consent management is a critical and extremely complex activity for the company, which does not generate business but only risks creating problems. Activities with these characteristics are commodities for the company and it is convenient to manage them in outsourcing: it makes no sense to bring the costs and risks of this management in-house when it is possible to delegate it to someone who does it for a living, certainly in a cheaper and safer way.

Consents are the legal certificates of privacy for which you and your company are responsible

Managing consents in-house means underestimating their complexity and risks.
Consent is not a simple ON/OFF flag, perhaps with some accompanying information, but is equivalent to a real legal certificate of Privacy, which authorises the company to manage only certain personal data of a certain customer (not any data collected over time, as is sometimes believed…) for a certain purpose and within a certain time.
Not respecting these certificates, not being able to prove their genuineness, not being able to guarantee their origin and legitimacy, disconnecting them from the information or personal data with which they were collected, using them even if they have expired, not keeping their history in a certified manner, misusing, violating or losing them is a crime.
Are you really sure it is up to you to take responsibility for this?

Managing consents in-house does not bring new business to your company but only problems, so why not manage them in outsourcing?

Managing consents in-house is a problem, especially if you use CRM.
CRM is not designed to manage privacy certificates but to do business using your customers’ personal data with as few constraints as possible. In the event of an inspection, it is the CRM that is the first application to be accused and certainly, like all of us, it cannot guarantee for itself: either you use it to exploit personal data or to protect them.

Moving the management of consents to outsourcing means saving money and effort (especially in the updates needed for constant alignment with the Regulation) and also delegating responsibilities and risks related to this management.