For a brand that is so universally recognised, transparency and customer trust are key values. Privacy by Design and accountability, concepts in the GDPR that were new and not so tangible, caused some headaches for many early on in the journey towards compliance. However, together they can help companies to implement data protection principles effectively, demonstrate compliance to the regulators, and most importantly, gain individuals’ trust.

Privacy by Design can also help avoid bad PR, fines, claims – so what’s not to like? Giorgia Vulcano, EU Privacy Counsel for the EU office at the Coca-Cola Company is very enthusiastic about the concept: “We have been raising awareness of the importance of Privacy by Design throughout the company through different approaches. For example, arranging PbD workshops for cross-functional teams to discuss fictitious case scenarios and co-create solutions that are privacy protective. That provides an opportunity to explain the underlying principles, and how to put this concept in practice, and to understand where the red flags are. For example, when introducing new activities, e.g. promotions, a DPIA is required, and we discuss what it entails.”