1. Cognism
  2. General Info & FAQs
  3. FAQs

How Does Cognism Comply with the Requirements of the GDPR?

Kevin Doherty
Updated

How does Cognism comply with the requirements of the GDPR? Explore Cognism GDPR compliance resources, safeguards, and data protection measures.

This guide provides a clear GDPR summary, outlining the processes, safeguards, and compliance measures Cognism has in place. 

From data sourcing and validation to security standards and data subject rights, it explains why GDPR is important and how Cognism protects personal data.

Here’s the GDPR overview we follow: 

1 - Obtain and validate business data from public sources

Cognism only obtains business contact data from publicly available sources. We validate our dataset on an ongoing basis.

2 - Screen telephone data against Do Not Call registries

Cognism screens its telephone database against multiple Do Not Call registries worldwide.

These include the DNC lists in:

  • the UK (TPS and CTPS)
  • the United States
  • Germany
  • France
  • Ireland
  • Canada
  • Spain
  • Portugal
  • Croatia
  • Sweden
  • Belgium

3 - Conduct legal assessments for data processing

Cognism has conducted a legitimate interest assessment, balancing tests, a transfer impact assessment and a data protection impact assessment with external legal counsel.

4 - Meet transparency obligations under Article 14 of the GDPR

Where required under Article 14 of the GDPR, Cognism notifies data subjects that it holds their data.

These notifications:

  • Inform individuals that Cognism holds their data
  • Explain Cognism’s processing activities
  • Provide the option to exercise their rights, including the right to opt out

5 - Handle data subject requests

Cognism has a clear privacy policy. A dedicated internal team deals with Data Subject Access Requests (DSARs) within the required timeframes.

6 - Maintain information security compliance

Cognism holds ISO 27001 and SOC 2 Type II certifications for information security compliance.

7 - Register with the relevant authorities

Cognism is registered with the UK Information Commissioner’s Office (ICO). In the United States, Cognism is registered as a Data Broker under the California Consumer Privacy Act (CCPA).

8 - Put safeguards in place with third parties

Cognism has relevant contracts and safeguards in place when dealing with third parties. These ensure that personal data can be processed in compliance.

9 - Review compliance processes regularly

Cognism continually reviews its compliance processes and mechanisms. This helps ensure services are provided in compliance while upholding data subjects’ rights and interests.

After reading this article, you should understand the measures Cognism takes internally to comply with GDPR requirements.

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.