Article from the 2015-01-28
The goods were selected, the address saved, the credit card information written down – an instant of doubtfulness – then the click on "continue". It is only understandable if you doubt while shopping on the internet, since there are many news about data misuse and security gaps. Online companies have never before asked for so many data, as they do today. The European Privacy Day is a good chance for us to let our privacy commissioner Andrea explain it all: How does privacy at Connox work?
Andrea, you are the privacy commissioner at Connox. What does your mission look like?
Privacy is an omnipresent topic at Connox. It appears every day and it is in almost everything we do in the office – when we change orders, plan marketing actions and change the shop page. It is impossible to be avoided, especially working with online shops. I inform the colleagues about how to use determinate information and where are the limits. I am regularly training them therefore, for example. If they aren't sure about something regarding privacy, it is me they'll ask.
My function as privacy commissioner is also very IT-sensitive: I proof if the colleagues use the programs we need to process sensitive information correctly. IT security gaps shouldn't even start to appear. There are determinate functions that can only be used by determinate employees, others are totally locked – like the download of customer information. If the employment authority proves the shop, it is me representing Connox - that's a lot of responsibility.
Connox isn't that big. Do we really need an own privacy commissioner?
Every company that has personal information about more than nine people to be processed electronically needs a privacy commissioner – internally or externally, it doesn't matter. There might be small organisations that haven't concentrated on this theme yet. They might not even know it exists. Connox is positioned on a very good level regarding privacy.
But privacy isn't only a kind of service for the customer.
No. The Federal Privacy Law (BDSG) regulates how to treat data in Germany together with the privacy polices of other countries. But it's as well a service we offer, of course. And among all of the black sheep, privacy is surely a competition advantage. Companies must deserve the trust of their customers.
What is privacy good for?
More and more life aspects end up on the internet – communication, banking, shopping. This means that more and more sensitive information is required online. Privacy polices protect the information from misuse and each one of us in our right of personality. Everyone should be able to control who is using his private data and for what.
What does privacy include at Connox?
The prohibition principle with the reserved right of permission is a very important principle. This one says that collecting, processing and using personal data is generally prohibited. It means that we only collect information at Connox, if we are allowed to do so by law or if the concerning person expressively allowed us to do so – usually in written form. This is the case when a customer completes his registration. We also only send out newsletters if the subscribed accepts by means of clicking on the confirmation button in the confirmation E-Mail. We only use the information for the ordering process and we don't give it to third parties, of course. And the continuous optimization of all technical safety principles improves our privacy even more.
The information we generate in our shop and the purposes we need it for is transparent: We keep all the information we collect detailed and clearly visible on the privacy police in our shop. This is how everyone is able to decide who will see his personal data, in which moment – this is a personal right. This also means that we are able to inform the customer about the information, to change, lock or erase it. I am also responsible for that. Internet and privacy are indeed combinable.
You said Connox optimizes the privacy technical principles continuously. Do we profit from our own IT company Quillo?
Surely we do. We are able to realize new demands and to solve technical problems immediately. We were able to implement privacy aspects already while we were developing our own shop system "EC Suite" (German webpage).
Who proofs if we respect and implement the terms correctly?
The federal German economy follows the self-control of the companies – contrasting other countries of the EU -, not at last to avoid bureaucratic efforts. Moreover there is the institution of the operative privacy commissioner and the privacy supervisory authority. This last one is allowed to prove and fine companies if necessary, unannounced.
What does all of it mean for our customers?
Since we take privacy very seriously and we communicate this, it surely also increases our customer satisfaction. The customer knows that we treat his information carefully and according to the law. This tranquilizes.
Article from the 2015-01-28