Case Study: Bertelsmann achieves centralized GDPR compliance across subsidiaries with OneTrust

How Bertelsmann manages GDPR for its subsidiaries with OneTrust

Bertelsmann, one of the world’s largest publishing groups, needed a way to manage GDPR compliance consistently across hundreds of subsidiaries in 50 countries while still allowing for local flexibility. As its business became more digital, the company faced growing challenges in handling personal data and maintaining trust across a complex global organization. It worked with OneTrust and its Privacy Automation solution to support a centralized privacy program.

With OneTrust, Bertelsmann gave subsidiaries access to pre-defined documentation, guidelines, and role-based permissions so local DPOs could manage their own assessments without affecting other divisions. The platform helped shift documentation tasks to business owners, improved structure and reporting, and replaced manual, Excel-based processes with a more scalable system. Bertelsmann reported being better able to keep up with evolving regulatory guidance and to demonstrate organized, documented GDPR compliance across the group.

Berteslmann

Sebastian Schlender

SVP & Chief DPO