GDPR & Data Privacy in Customer Intelligence platforms. Our approach.

Big Data & AI are hot topics now. Social Networks and more & more information owned by companies through their digital transformation IT systems evolution are increasing the demand of citizens for “protection”. The EU is now launching the GDPR, General Data Protection Regulation.

It is clear that it is a currently accepted request to improve the personal data protection, more after recent leaks suffered by email providers or even financial institutions.

Creative Commons pic by https://pixabay.com

Being a startup with a product that collects many customer interactions and segmentation data in order to analyze the customer behaviour and predict potential needs based on external phenomena we studied carefully which could be the best approach as:

  • Our potential customers are big financial, insurance, airlines and utilities.
  • Our software could be intalled on premises or in the cloud.

Our platform, Anbotux helps to profile customers of an enterprise and provides a tips/feedback API to improve chatbot personalization and additionally helps to analyze the customers aggregated in as many dimensions-segments the enterprise would need. Also, Anbotux relationship of the stakeholders “feeding” the database is via APIs.

The best approach was obvious, we do not need the name nor a public document identifier number (passport nor identity card) to identify each single end-user of our enterprise customers. Only the enteprise (let’s say a bank) could have the table matching customers IDs with the non-personal-idenfiers used in our platform. With this approach all the data is anonymized.

This is very important in order to launch an affordable SaaS version for SMEs in order to provide a tool to analyze their customer usage of chatbots and other customer care channels.

Apart from a post-check of GDPR compliance (and other countries local regulation) it is very important to design the data architecture in a way that could avoid additional layers software (overhead) to ensure the needed compliance and limiting the personal information used to the one really needed for the purpose is key.

You may debate in the comments section!