Guardian of the holy grail.

Kirsten Pedd is responsible for data supervision at EOS. With a worldwide data privacy strategy, she is making the Group fit for digitisation and growing requirements.

Chief Compliance Officer and Chief General Counsel, can you tell us why EOS needs a worldwide data privacy strategy?

Kirsten Pedd:  Data are our most important assets. The protection of sensitive customer and consumer data is the basis of our success. At the same time, the demand for data privacy and protection is growing, including as a result of regulations such as the latest EU General Data Protection Regulation (GDPR). European legislation has brought personal data more sharply into focus with this regulation. The EOS Group is represented in 26 countries. Therefore, different legal systems require a strategic examination of the topic. From Hamburg, Germany, EOS coordinates the work of data protection officers in companies all over the world.

How do you establish the strategy around the world?

Ms Pedd:  The subject of data privacy is growing more and more complicated. That is why we’ve created the Corporate Compliance area. However, we don’t centralise responsibility here. The companies in the different countries and their data protection officers remain responsible for compliance with data protection tasks in their region. However, the new area at EOS headquarters in Hamburg decides how certain legal passages should be interpreted. It goes without saying that we always offer our customers legal certainty.

Since 2016 we have worked to make ourselves fit for GDPR.
Kirsten Pedd, Chief Compliance Officer and Chief General Counsel

How does EOS make sure that the EU GDPR is observed?

Ms Pedd:  Since 2016 we have worked to make ourselves fit for GDPR. For example, an advisory and strategy body – with representatives from data protection, IT and operations – advises top management. With this cross-segment collaboration, we always know where the challenges lie and, inside the team, we find the best solutions.

What role does digitisation play in data protection?

Ms Pedd:  A very big one. It leads to greater transparency. At the same time, the need to protect personal data is increasing. For example, the subject of data erasure is very important for our new tailored strategy. The algorithms we use in our Centre of Analytics also play an increasing role. With them, we can plan the next best debt collection action even better.

What advantage does the data protection strategy offer EOS

Ms Pedd:  Their data and those of consumers remain secure.

With the General Data Protection Regulation (GDPR), European legis­lation is imposing extensive documentation duties on enterprises that process data. The appropriate data protection supervisory authority is entitled to examine the documentation at all times. The preparations to introduce the GDPR in May 2018 gave the EOS Group an opportunity to develop a uniform worldwide strategy on corporate privacy, or data protection.