The general data protection regulation will come into effect on May 25th, which underlines the importance of establishing a strong data culture within each company.

For Thibaut De Vylder, CEO of dFakto, the findings are not appealing: « Many organizations are still doing gap analysis, and too few have started the actual shift to implementation. It is only the implementation planning and rollout that makes it possible to understand the scope of the work to be performed. »

In this type of regulation activity there are three obvious phases: « Assessment”, “Implementation” and “Operationalization”. Currently, all the activity we’re seeing is organisations focusing primarily on the assessment, especially focussed on legal analysis of the contracts of their customers, focussing on the right to use the data, etc.  At the same time, security specialists analyze the infrastructure, the network, the way the data is stored, along with many generalist consultants help to produce of the gap analyses between the current and target regulatory compliance situation. The purpose of all these typical analyses being that each company makes only an inventory of the management of personal data within their activities. »

Beyond the theory

Aligned to these three types of assessment actors, there are tools to support their outcomes, but these are constrained to the theory rather than the practice of actionable GDPR. « Hence the interest to move past this to the action stage, » continues Thibaut De Vylder. « There are implementation guidance solutions, such as GDPR360, that are designed for lean simplicity and are particularly designed for tracking the tasks to be performed, and associated risks. In addition, controls are carried out on the basis of the data deemed sensitive and which will make it possible to detect the noncompliant data and suggest the precise actions to make them conform to acceptable tolerances. »

The goal is to facilitate & drive a true data culture: the lean nature encourages each employee to contribute and become a « data citizen » in the company and seamlessly take on his or her responsibilities in relation to the data. Further regulations such as e-Privacy will only reinforce the requirement for these responsibilities.

A strong signal

Nevertheless, it is clear that « there will be a transitional period, the communication at the base was not necessarily very clear, » says Thibaut De Vylder. « GDPR is a good practice and sends the signal that we will not be able to do anything without asking people for their consent. The digital image of people is increasingly used for decisions that concern them. Hence the importance of restoring the management of this image to the people in whose hands belongs. »

Source: Thibaut De Vylder interviewed by Olivier Clinckart translated from

Nixxis’s advanced Contact Suite is a visionary and flexible solution that has been designed anticipating all future needs of contact centers in terms of customer interactions (phone, email, chat, sms, social networks). 80% of Nixxis’s customers report up to 20% increase in productivity and profitability. By promoting dFakto’s GDPR 360 application suite, Nixxis is probably one of the first that brings GDPR compliancy as a competitive advantage !

GDPR concern worldwide business which handle private data on EU citizen.

While you are a Data « Controller » or « Processor » you now have obligations and rights towards Data subjects and Authorities.

As a Data Processor, Nixxis needs to be aligned to its customers obligations as Data Controller and therefore has decided to implement dFakto GDPR 360 to manage the day to day operations maintaining GDPR compliance.

A Data Processor may only operate on behalve and according to the Data Controller’s instructions. The Data Processor may suggest processes improvements and data quality checks regarding GDPR compliancy but may not implement them without the approval of its Data Controller.


When facing GDPR, most organizations are focusing on the assessment rather than on the GDPR implementation & operations.

gdpr image2 540x304 540x304 - dFakto is proud to announce a new partnership with Nixxis regarding GDPR compliance.

Those organisations are supported by Law firms for their legal framework, Security firms for their security frameworks and/or GDPR consultants to produce DPIA’s (Data Protection Impact Analysis).

Where are you in your process to be GDPR compliant? Is your assessment done? Have you already set up an operational solution to manage your daily actions once GDPR is in application?

Regulations come into effect in less than 3 months or 80 days from now! After that, the full force of the law comes into effect.

Before May 25, 2018 performing an impact assessment was adequate, but after this date, every bit of Personally Identifiable Information (PII) across the business must be accounted for and managed, to avoid very real fines.

This is a game changer. It is no longer adequate to simply have ‘accounting-like’ procedures in place – the actual PII data must be managed and the business is accountable for it directly.

GDPR is fundamentally a highly evolutive data management challenge. The GDPR solution requires an agile data approach.


Turn the GDPR obligation into an opportunity and a competitive advantage with dFakto’s GDPR 360 !

With more than 17 years of experience, dFakto is a company that specialises in sourcing and collating data so that senior managers can more easily identify actionable insights to drive their business forward.

Discover dFakto’s GDPR 360 operational solution to effectively manage daily activities and stay secure regarding risks and costs exposure.

dFakto provides with the best agile GDPR 360 solution and services available on the market. It will tackle this impactful legal obligation in an innovative, cost effective, incremental and sustainable way.

Our innovative GDPR 360 solution addresses the GDPR post-assessment implementation & operational challenges.

GDPR is coming fast now. Are you ready ?

dFakto ecosystem provides a complete GDPR value chain from assessment, implementation to daily operations to maintain compliance.

Visit our website, download our white paper or contact us to get a demo and a GDPR 360 pricing.