Unify and manage your data

GDPR compliance in the Reltio Platform

Learn about the EU GDPR law and compliance requirements.

About GDPR

The European Union (EU) General Data Protection Regulations (GDPR) is a law designed to enhance data protection for EU residents and provide a consolidated framework to guide business usage of personal data across the EU. According to the written regulation published by gdpr.eu , it:
  • protects the personal data of individuals residing in the EU, as well as non-EU residents visiting the EU.
  • applies to monitoring individual behavior, processing personal data through automation, and processing data by any method with the intention of filing that data.
  • applies to any entity that processes or controls data in the EU, offers goods or services to people who are in the EU, or monitors behaviors of people physically in or related to the EU.
  • extends due diligence obligations and potential liability to data controllers and data processor.
The broad scope and definitions of the GDPR means it applies to almost every website or app that tracks data, and any business - whether located in the EU or not - that does work in or for the EU.
Note: The breadth and scope of the GDPR typically outweighs the regulations of local laws, such as the California Consumer Privacy Act (CCPA) in the US. Local laws may or may not have different regulations that apply to you.

GDPR compliance requirements

According to the GDPR Compliance requirements, the following data is affected:
  • All profile entity or entities
  • All historical data
  • All losing entity or entities (for more information, see topic Merging Two Entities)
  • All records from the Activity Log except records about creating and deleting
Your consumer data in Reltio must be compliant within 30 days of the request, unless:
  • The customer has a pending transaction.
  • The customer has completed a transaction with the past 30 days.
Important: We recommend that you keep a record of the person or organization requesting each GDPR delete, preferably in a rights management system, as the Reltio platform doesn't store the identity of the requester.