Preparing for a new era in privacy regulation

CANDDi has always been committed to best in class transparency and privacy controls and is 100% GDPR compliant

Use this guide to understand the implications of the GDPR and changes for your business

In May 2018, a European privacy law, the General Data Protection Regulation (GDPR), is due to take effect. The GDPR imposes new rules on companies, government agencies, non-profits, and other organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents. The GDPR applies no matter where you are located.

Key Changes under GDPR

Personal Privacy

Individuals have the right to:

  • Access their personal data
  • Correct errors in their personal data
  • Erase their personal data
  • Object to processing of their personal data
  • Export personal data

More info (ICO Website)

Controls and Notifications

Organizations will need to:

  • Protect personal data using appropriate security
  • Notify authorities of personal data breaches
  • Obtain appropriate consents for processing data
  • Keep records detailing data processing

More info (ICO Website)

Transparrent Policies

Organizations are required to:

  • Provide clear notice of data collection
  • Outline processing purposes and use cases
  • Define data retention and deletion policies

More info (ICO Website)

IT and Training

Organizations will need to:

  • Train privacy personnel and employees
  • Audit and update data policies
  • Employ a Data Protection Officer (if required)
  • Create and manage compliant vendor contracts

More info (ICO Website)

CANDDi is an example of marketing and sales enablement software trailblazing in a GDPR compliant environment. CANDDi identifies the visitors to an organisation’s website, fuelling marketing and sales teams with the business related contact details of people actively interested in the products and services of their organisation. Businesses can operate a marketing and sales function safe in the knowledge that their leads have pro-actively visited the business website – how much more of a legitimate interest could there be, than someone pursuing a company website?

While it’s true that GDPR is likely to impact many businesses and how they currently operate, however it also presents a great opportunity to bolster inbound marketing campaigns – a strategy that can bring new customers to you in a manner which complies perfectly with the new laws.

CANDDi is committed to open-ness and transparrency in all our GDPR (and any other issues) as we work through our GDPR compliance materials we'll be making them all available in this section

Disclaimer: The information contained on this site is not intended to be legal advice and should not be seen as a recommendation of any particular legal understanding in relation to GDPR compliance. It is simply an overview of the EU data privacy laws and some of the key issues that certain businesses may need to address. It should not be thought of or relied upon as legal advice. If you are at all unsure, then always seek the advice of an experienced legal team, who will be able to advise you in detail about your individual circumstances.

Four key steps to get started

Anywhere you see CANDDi icon is a template / internal document to show how CANDDi is implementing GDPR internally


Identify what Personal Data is stored within your organisation


Determine the legal basis for processing this data (Consent, Contract, Legitimate Interest, other)


Keep required documentation and manage data requests and breach notifications

FAQs and Blog Posts

GDPR = Got Desperate People Rich(er)

Lee Gilbert
3 March 2018

G.D.P.R = Got Desperate People Rich(er)

Mainly the rumbles and rumours have surrounded the need to re-consent (re-paper) your existing database. You don’t (in 99.9999999% of cases). This has been magnified by the creative linking of actions by companies such as Wetherspoon’s (allegedly) deleting their entire email database. For the record, this was an entirely separate matter and conducted for different reasons, as has been documented......

Read more

Technically how does CANDDi work?

Ed Westbrook
26 October 2017 08:55

CANDDi is a website analytics and tracking tool. The software itself works by the Campaign and Digital Intelligence Client (herein the ‘Client’) placing a small snippet of Javascript code into the header/ footer of their website....

More info

Are Cookies Personal Data

Ed Westbrook
26 October 2017 09:05

Cookies are only mentioned once within GDPR. Recital 30 states: “Natural persons may be associated with online identifiers…such as internet protocol addresses, cookie identifiers or other identifiers…. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.”

More info

Some Practical Recommendations

Ed Westbrook
26 October 2017 09:09

To ensure compliance Campaign and Digital Intelligence Limited recommend review and consideration be taken to the below:

More info

For more information or to see a demo of CANDDi