May 23, 2017 04:00 ET

Gigya Launches Privacy By Design Program to Help Its Clients Prepare for GDPR

MOUNTAIN VIEW, CA--(Marketwired - May 23, 2017) - Gigya, the leader in Customer Identity Management, today launched the Gigya Privacy by Design Program, offering customized evaluation and implementation services to help its clients prepare for the European Union's upcoming General Data Protection Regulation (GDPR).

GDPR, which takes effect on May 25, 2018, is a radical revision of EU consumer data privacy and protection laws. Consumers must be given full control over their data under GDPR, with simple and easily accessible controls for changing, downloading or deleting stored information. Brands must obtain consent for every specific use of customer data, using plain language that clearly explains the purpose, and must maintain a record of that consent.

The impact isn't limited to Europe -- all organizations around the world that do business with EU citizens must comply, even if they have no physical presence in the EU. The penalties for non-compliance are steep -- up to four percent of annual revenue or EUR20 million (about US$22 million), whichever is greater.

GDPR specifically encourages organizations to pursue "privacy by design," the concept of building customer identity management and related systems from the ground up with a commitment to protecting the rights of consumers.

The Gigya Privacy by Design Program, delivered by the GigyaWorks Global Services team, helps clients understand their customer identity management infrastructure, including the processing and storing of user data generated from online registration, as well as profile, preference and consent management, across all their digital properties. The program then offers recommendations for utilizing Gigya's platform to enable clients to address GDPR requirements. The steps are:

  • Technical Readiness Self Assessment. Clients complete a Customer Identity Management GDPR Technical Self Assessment to determine which aspects of GDPR apply to them.
  • Privacy by Design Strategy Workshop. The GigyaWorks Global Services team works on site with the client's marketing, technology and legal teams to define and customize best practices for addressing GDPR requirements utilizing Gigya's platform.
  • Privacy by Design Blueprint. Based on the outcome of the technical self assessment and strategy workshop, a "Privacy by Design Blueprint" is produced by the Global Services team as a guide for configuring Gigya's platform.
  • Privacy by Design Implementation: Working from this blueprint, the Gigya delivery and services teams work with client stakeholders to implement the recommended changes.
  • Privacy by Design Quality Assurance Review. Following implementation, the GigyaWorks Global Services team performs a quality assurance review to verify the client's chosen functionality has been implemented.

"Until now, the reaction to GDPR has been much like that old joke, 'Everybody talks about the weather, but nobody does anything about it,'" said Jason Rose, senior vice president of marketing at Gigya. "The time for talk is over. As the leader in customer identity and access management (CIAM), Gigya is now prepared to help our clients take immediate and effective action to prepare their customer identity management strategies and solutions for GDPR."

Gigya is also preparing itself for GDPR. Because Gigya stores customer information on behalf of its clients, the company is considered a "data processor" under GDPR and is therefore required to have a Data Protection Officer (DPO). Gigya is meeting that requirement by naming Gilad Sofer, the company's Chief Information Security Officer, as DPO.

To learn more about Gigya's Privacy by Design program, please visit

The Customer Identity Management GDPR Technical Self Assessment is available free in the new GDPR Readiness Toolkit at The toolkit also includes a comprehensive white paper explaining how Gigya's Customer Identity Management platform can help clients prepare for GDPR; a GDPR compliance matrix listing features of the Gigya platform mapped to GDPR requirements; a data sheet on the Gigya Privacy by Design Program; and results from Gigya's 2017 State of Consumer Privacy and Trust survey.

Privacy by Design webinar

Gigya will explain the Privacy by Design program in detail during a webinar set for 11 am Eastern (16:00 GMT) on Thursday, May 25. Jason Rose, senior vice president of marketing, and Adrian Nash, vice president of global services, will explore how organizations can assess their GDPR readiness around customer identity and how to incorporate privacy by design principles in managing customer data. To register, please visit

About Gigya

Gigya's Customer Identity Management platform is helping companies build trusted digital relationships with over 1.3 billion consumers. With Gigya's technology, businesses increase registrations and identify customers across devices, consolidate data into rich customer profiles and provide better services, products and experiences by integrating data into marketing and service applications. For global businesses operating in an increasingly complex regulatory landscape, Gigya optimizes compliance and customer trust, with discrete regional data centers and customer self-service options for managing profile, preference, opt-in and consent settings. More than 700 of the world's leading businesses rely on Gigya to build identity-driven relationships and to provide scalable, secure and compliant customer identity and access management.

Contact Information