It’s no longer about meeting privacy laws, but about meeting customer expectations, according to Caroline Olstedt Carlström, Vice President Privacy at Klarna. Thanks to a cross-functional team and a globally anchored approach, Klarna now ensures both security and new business opportunities, adapted to a future where privacy matters and a more distinct customer relationship will be in focus.
“GDPR is a good baseline, but it’s not why we are focusing on privacy and data protection,” says Caroline Olstedt Carlström, a lawyer who is working with privacy and data security at Klarna, a Swedish company operating in about 20 countries providing payment solutions for the e-commerce industry.
During Cognizant Snapshot Breakfast “How can GDPR Generate New Business Opportunities?”, Caroline Olstedt Carlström, also a chairman for the Swedish Data Protection Forum, said that GDPR, privacy and data protection are about meeting the increased interest from users and stakeholders, about accountability and how to build trustful relationships with consumers, partners, and investors. Performed correctly, it’s uttermost a way to turn potential risks into a competitive advantage.
Collecting personal data – creepy or cool?
While legal compliance is important, it only consists a small percentage of what data protection and privacy is really about. Primarily, you should focus on whether the actions are relevant – and all organizations will have to take this into consideration. The key is to establish trust between the company and the consumer.
“Ask yourself if the tradeoff is balanced and makes sense to the consumer,” says Caroline Olstedt Carlström. “Klarna sees an increase in user questions and comments; consumers are getting more and more aware, and companies need to respect them and get to know them.”
Digital introverts or extroverts?
Another hot potato, is identifying and meeting all sorts of customers – some willing to give consent to share data and some resistant to. Klarna is developing a privacy dashboard to make sure consumers can chose, and to ensure a friction free way for those who want to sign up and give consent. The transparency paves way for increased trust.
GDPR permeates the organization
How does Klarna organize their GDPR work? Overall, they strive to promote a privacy aware corporate culture, with a bottoms-up approach, where work is aligned across the company. Within GDPR, they have a global privacy office, a privacy program, a governance structure, and a dedicated DPO (Data Protection Officer).
“It’s important to find someone in the organization who can focus on privacy aspects from both a legal, technical, security, and consumer perspective,” says Caroline Olstedt Carlström. “It’s a true challenge to meet such a variety of needs and find a way forward.”
Advice for GDPR success
Most companies have now initiated GDPR work at some level. Caroline Olstedt Carlström ends with some advice on how to accelerate the GDPR and privacy process in your organization: