“Our approach to privacy is two-fold,” said Renate Lang, Legal Counsel/Head Practice Group HR & Data Protection at Schindler. “As an employer it is imperative that we take care of the personal data and processing of our employees, and from a legal perspective we have to do everything we can to be compliant and help mitigate the risks for the company in terms of data protection.”
Mobilizing to an aligned privacy program
Prior to the GDPR, operating under the European Data Protection Directive, Schindler was managing their privacy program in different ways across all 28 EU member states. This made it difficult to streamline privacy across the company. Once the GDPR came into effect, it allowed Schindler to better align their approach to privacy, but they still faced challenges as a company operating at such a large global scale.
“We are too big of a company to work with excel files,” said Lang. “We needed a tool that is accessible from every level and allows us to see everything in our privacy program at once, something that is not only secure but easy to manage.”
As Schindler began to look for a tool to manage their global privacy compliance efforts, they evaluated multiple tools but found OneTrust was the best fit for their privacy program.
“We saw that OneTrust is a tool that we could roll out globally,” said Lang. “It was important to us to find a soft solution that can evolve and change with our privacy program, and we were able to find that with OneTrust.”
Manufacturing a localized approach to a global challenge
Schindler selected OneTrust for Assessment Automation (PIA/DPIA), Data Inventory & Mapping and Data Subject Rights Management for their global privacy compliance efforts.