“Our customers have reached out to us and told us privacy is important to them; that makes it a massive priority for us as a company” said Paul Howatson, IT Manager at Halfbrick.
New Player: Changing from an Australian to a global privacy mindset
As an Australian company, Halfbrick’s original approach to their privacy program was from the perspective of the Australian privacy principles and regulations. “We were aware of the GDPR a long way out, but it took a while to discover what the implications would be for us as a company, and this was about the time we began to look at OneTrust,” said Howatson.
After Halfbrick conducted a privacy audit and worked out where the gaps were in their privacy program, they were in search of a tool to properly document all the different systems the company uses and what information they collect. When looking at OneTrust, the Data Mapping and Assessment Automation tools are what first caught Howatson’s eye. It was a priority for the Halfbrick team to have a tool that can go through the processing activities and then work to ensure they are collecting only what they need to, storing it securely and disposing of it when there’s no longer a legitimate business purpose.
“When we looked for other tools, we couldn’t find anything we couldn’t do better ourselves,” said Howatson. “OneTrust was the first product that we knew would add additional value to our business.”
Cheat Codes: A flexible approach to innovation and data protection
The seamless onboarding process of the OneTrust tool was incredibly valuable for the Halfbrick team. “We were particular about how we wanted things to work, and OneTrust was very open to feedback we gave initially, jumping into the system and making changes for us,” said Howatson. “This ultimately made the onboarding process much smoother for everyone.”
As IT Manager at Halfbrick, it’s important to Howatson that all Halfbrick departments can use the tools and apps they need to do their jobs. On the flip side, this means more work for the IT team to keep track of the different types of software or apps that may access personal data. With OneTrust, Howatson can empower his team to use their tools of choice without compromising privacy. “It was a massive process to put all our assets into data mapping,” said Howatson. “We found it beneficial on every side from privacy and security to general IT; because of OneTrust we can enable innovation while still maintaining data protection.”
After going through the data mapping process, Halfbrick was able to assess their processing activities. Halfbrick collects information from users in many different ways, from the games themselves, to bringing in users to test new features and other marketing activities. Once the company recognized where the gaps were, they were able to mitigate those and develop a robust and mature privacy program.
