New Regulation. Familiar Practices.

This blog post series introduces the General Data Protection Regulation (GDPR) from the perspective of web and structured content management, relates privacy terminology to typical online use cases, explains features in the SDL Tridion DX Suite (SDL Tridion Sites and SDL Tridion Docs) that may be impacted by the regulation, and shares recommendations to help you comply with the GDPR. 

I will post a new topic on GDPR weekly and will update this introduction with the individual posts as we go along. 

  1. SDL Tridion DX GDPR Blog Post Series (this post) 
  2. GDPR Introduction from a Content Perspective (Terminology and Rights)
  3. SDL Tridion DX Features and Capabilities Impacted by GDPR
  4. Organizational Recommendations for GDPR Compliance
  5. GDPR Impact for the Ambient Data Framework and Experience Optimization
  6. GDPR Impact for Audience Manager

Key to GDPR compliance is clear and transparent handling of your prospects’ and customers’ private and special data. This includes many practices you probably implement today such as acquiring user consent for the use of personal data. 

Read an introduction to GDPR by SDL’s Privacy Officer, Andrew Fisher, which notes that as of mid-last year, companies were still trying to understand what GDPR means to them. Even now, industry experts in privacy and security are still weighing in on how GDPR translates into practical advice for organizations. 

Indeed, we’re hearing from our content customer contacts that their Privacy Officers, Security Officers, or project leads are looking for all relevant GDPR information for the applications they “own.” 

CEO Adolfo Hernandez put GDPR into context alongside other regulations and directives in this blog post, where he invites organizations to start a conversation about compliance with us. 

We’re In This Together

SDL itself is updating its internal practices and systems to give its own prospects and customers more visibility and control over how we process personal data across our various channels. We’re reviewing our products and services to confirm how they can help you with GDPR compliance and will continue to communicate about GDPR up to and beyond the May 2018 deadline. 

Share your views, examples, and question on this important topic in the forums or comments for this post. 

Let’s get started with an introduction to GDPR from a content perspective. The next post will introduce GDPR, privacy terminology, and the data subject rights covered in the regulation.


These blog posts are meant to help SDL customers familiarize themselves with the concepts and high-level requirements of the General Data Privacy Regulation (GDPR). Following these recommendations can help organizations follow good privacy practices. But this should not be treated as legal advice or a comprehensive and exhaustive checklist for “GDPR compliance.” 

All organizations are encouraged to read the GDPR from legal, business, and IT perspectives, to confirm how to best comply with the regulation to ultimately protect and safeguard the privacy of the people that interact with them.

Anonymous