What does data protection, privacy and security mean for us?
We protect the things we really care about. And that’s why managing data in a safe way is a top priority at GfK.
For us, data protection, privacy and security are about more than sets of rules or regulations – these areas are ingrained into our culture and are at the core of how we deliver trusted insights.
As a global leader in market research and big data analytics, we’re experts in dealing with sensitive information and know just how much today’s consumers value the security of their personal data. Our customers trust us with their personal information and their privacy. And protecting that information and respecting their privacy is fundamental to maintaining that trust. Our privacy and security programs govern how we collect, use and manage employee, client and customer information.
Everyone within our organization is responsible for demonstrating compliance when it comes to data protection, privacy and security – not because of the law, but because our company philosophy demands this attitude and commitment.
What are we doing about it?
We have a dedicated organization that maintains and monitors compliance and ensures all employees understand the importance of protecting the confidential data GfK manages. Trainings on data protection are constantly underway throughout our offices around the world and this is something that is supported by the highest management levels.
GfK welcomes researches to willingly and voluntarily report any vulnerability that is connected to GfK solutions and systems. Submission of these vulnerabilities are subject to the terms and conditions set forth in this link vdp.gfk.com By submitting a vulnerability to GfK, the finder acknowledges that it has read and agreed to these terms
We ensure a secure environment to protect the confidentiality, integrity and availability of information. We do this by implementing a broad range of security technologies such as network security, data encryption and access controls. We make sure that all our solutions are designed and developed with security in mind from the very start. We maintain a strong information security management program to ensure a proven policy and compliance structure, a comprehensive security awareness program and a solid risk management framework.
Cyber security attacks pose a significant risk to our business, infrastructure and data assets. Remaining vigilant in preparing against these threats, defending against them and planning for the future, are essential elements of our strategy.
Our Data Protection organization reports directly to the CEO and CFO and includes three levels: a central team in our Nuremberg headquarters, a privacy representative in each of our regions and data protection or privacy officers mandated by local laws in the corresponding countries. This is so our clients, partners, and authorities always have a strong point of access for clarifying any issues on data protection.
„For GfK, data protection goes beyond existing standards and new regulations, such as the General Data Protection Regulation, that will come into play. We strive to keep our promise of being a trusted partner and one that delivers uncompromised insights to our clients. That means sophisticated measures are in place across our offices to ensure we have harmonized security standards in all countries where we process data.“