Mastercard GDPR Implementation

The Problem

Europe passed the GDPR regulations, which is alot of legal talk that basically amounts to…

  • Users have the right to request their information
  • Users have the right to have their information deleted
  • Users can choose what information to share

The Solution

Get the full suite of Mastercard marketing properties under this umbrella of regulations, both in Europe by the GDPR deadline, and worldwide because those regulations are quickly becoming the norm


  • The big issue at had was connecting all of the programs together. We had our in-house CMS’s running, our donation platform,, and other sites, but also numerous external agency-ran sites. Our data team created an API that their services were able to plug into to send their data to our programs, and a fetch program was created to send it out to the end user.
  • From a user experience standpoint, we basically turned our privacy and TOS programs into a microsite that handled everything, from agreement to user data retrieval. The “Click Here to Accept” buttons were fed in via API.
  • We released early in key markets for testing, including Germany and the UK because of the marketing campaigns we were running there.

The Results

  • We launched on time for the GDPR deadline, with all programs fully onboard. Throughout the rest of the year, we moved the program to other areas.
  • Awarded the CEO award for the quick and successful implementation.