Case Study: Migros centralizes data protection and preserves customer loyalty with OneTrust

Migros Maintains a Legacy Rooted in Customer Loyalty Through Data Protection Efforts with OneTrust

Migros, Switzerland’s largest retailer and operator of a loyalty program spanning over two million households, faced a major GDPR challenge: fragmented, legacy processes across many subsidiaries (including health care and ecommerce) made it difficult to discover and centralize how personal data is processed. To modernize and centralize privacy operations, Migros selected OneTrust and deployed products including Data Mapping Automation, Assessment Automation, Vendor Risk Management, Incident & Breach Response, and Cookie Consent & Website Scanning.

OneTrust helped Migros replace spreadsheet-based workflows with an automated, centralized privacy platform—Data Mapping Automation became the foundation, Assessment Automation enabled questionnaires that teams complete after minimal training, Vendor Risk Management streamlined vendor classification, Incident & Breach Response structured incident handling, and Cookie Consent tools added compliance banners across subsidiaries. The OneTrust deployment reduced manual effort, made it easy to add DPIAs and assessments via built-in templates, and created a scalable hub Migros is expanding to meet evolving global privacy rules.

Migros

Matthias Glatthaar

Head Data Privacy and Digital