COMBERA GmbH often turns your visit to a supermarket into a culinary experience by employing friendly promoters or filling the shelves with vegan meat substitutes and popular chocolate bars, inviting you to purchase them. The Munich-based field marketing agency is a leading specialist in strategic and tactical sales services in Germany.
"We support international brand manufacturers from industry and retail with PoS campaigns, smart product placement and end-user analyses," says Jason Ramadani, HR Business Partner at COMBERA GmbH.
Founded in 1976, the company employs around 380 full-time staff and numerous freelancers working in the field as sales teams, mystery shoppers and merchandisers.
“Personal data and data privacy obviously play a key role in our business. The requirements have increased further with the GDPR coming into force. Our internal data protection officer retired at almost the same time, so our management decided to outsource the tasks and collaborate with an external data protection officer."
What were the compelling reasons for working with DataGuard?
“It was the extremely transparent and structured pricing model that tipped the scales,” says Mr Ramadani. “We chose a professional solution that covers a spectrum which an individual internal data protection officer cannot provide – neither in terms of expertise nor in terms of time. In addition, the costs for a medium-sized company like us to outsource to DataGuard are lower and much easier to calculate compared to building up suitable internal resources."
In June 2020, COMBERA and DataGuard kicked off the process by conducting a data privacy audit.
“The findings gained from the audit led to considerable improvements for our company over a short period of time and helped us optimise our technical and organisational measures (TOMs). All the data privacy-related content we have published is now up-to-date. In addition, DataGuard reviews our data privacy status in collaboration with third parties and checks our data processing agreements (DPAs) for compliance with the GDPR. In brief: We now know that we meet all the requirements. That's very reassuring. Furthermore, we can always rely on unbiased support and quick feedback.
It has optimised our processes in a measurable way. A key advantage is that I can pass on all data privacy tasks and queries to our contact person at DataGuard. This single point-of-contact principle makes my life as an internal Data Protection Coordinator much easier. Their daily support and one-off improvements save us a lot of effort and working time."
In particular, outsourcing data privacy tasks to freelancers used to mean considerable administrative effort at COMBERA.
“Typically, we had long-term framework agreements with our freelancers, but before each assignment we had to obtain written consent under data protection law for their personal data to be passed on to customers. This added up to hundreds of consents and thus to a massive amount of time and effort every year. After the audit, DataGuard proposed a much more efficient solution: Now, we only obtain the consent once, directly as part of the framework agreement, in accordance with Article 13 GDPR."
In conclusion, “Switching to DataGuard as an external data protection officer was just the right solution for us, both in terms of expertise and cost-efficiency. Perfect in every way!”