We’ve all heard about GDPR and we know what it means, or at least we should do by now! With your business facing a potential fine of £20m or 4% of your turnover, compliance with the 2018 General Data Protection Regulation (GDPR) is a critical issue for your company to be addressing.
However, what are the real challenges facing businesses, online marketers and anyone using customer data? Is it all doom and gloom? And what opportunities will the new regulation also create?
What is GDPR and who will it affect?
The General Data Protection Regulation (GDPR) is a series of changes to the way that data is captured, used and managed, for all individuals in the EU.
The purpose of this regulation is to give all individuals increased control over the data that can be captured and used about them.
Broadly speaking, the regulation will affect everyone, but there are some specific points that marketers and digital marketers should be aware of.
Any organisation that holds, collects or uses customer data for their marketing or business communications will need to review their processes and ensure they are compliant by the deadline.
GDPR: the challenge for the industry
Keep an eye on consent
We have all been there; you spend ages crafting the perfect campaign to drive traffic to data capture forms, which encourage the user to fill out their valuable personal data, so that in future you can use this for further marketing activities. However, under the new rules of the GDPR, the consent of the opt-in from the initial campaign does not mean you have consent to email the customer about all further marketing activity.
A question of implied consent
It is no longer acceptable to have a pre-ticked box on a form. The individual must freely and willingly opt in to receive further information.
Watch out for bought data
Consent must be gained from the individuals on the list of bought data within a reasonable time frame or on the first correspondence. Just because the third party has gained consent, does not mean that you are covered.
Spurring the positives: GDPR – opportunities
Quality over quantity
The potential results you will be able to achieve from your marketing campaigns will be much more relevant, as those individuals are engaged with your content and have specifically opted in. This in turn should deliver higher click-through and engagement rates, which can only be a good thing.
Improving the profile of marketing
If your marketing team is able to successfully deliver guidance on the GDPR to the rest of the business and explain the importance of handling personal data sensitively, then it may highlight the important role that marketing plays within the organisation.
Spring clean your data
Sorting through the dreaded data is something that we are all guilty of putting off. However, preparing for and adhering to the GDPR regulations will mean that you finally have to take the bull by the horns, as it were, and make sure that the data you hold is up to date.
Organisation education
Although the GDPR regulations are the hot topic on the minds of marketers at the moment, this is something that the rest of your business also needs to be made aware of and aligned with.
It is worth your data handlers/marketers spending some time familiarising themselves with this new regulation and then reviewing the internal processes, so they can make recommendations to the rest of the business.
It would also be useful to provide the rest of your business with some information on the GDPR, so that everyone can be made aware of the upcoming changes and how it may affect them.
GDPR marketers’ checklist:
- Think about your ‘opt in’ campaign and how you can gain consent
- Review your current data and whether or not you would be able to show where consent was gained for these contacts if you were asked
- Revisit your privacy policy and make sure that is it easy to read and covers all relevant areas
- Update all the forms on your website so that they are in line with the regulations, e.g no pre-ticked boxes etc
- Investigate how best to store information on how consent was gathered using your CRM system. This will be different for each CRM and may need some technical assistance
- Decide how you are going to offer individuals the chance to view, update and remove the data which you hold about them. For example, this could be a section of the website that can be logged in to and the details amended.
- Decide on how long consent is valid for, in terms of your business and also a process for gaining consent after this time period is up
- Think about marketing methods alternative to email. There is no denying that GDPR will provide some challenges for those companies that have relied heavily on email marketing, but there are other ways to get in touch with your contacts.
This post aims to offer insight into how the regulation will impact marketers and in particular, the work of digital marketers. These are our recommendations and suggestions based on the research that we have undertaken, but in order to ensure full compliance, we would advise that you seek legal advice and take the time to conduct some further reading on the subject yourself.
Have an opinion on this article? Please join in the discussion: the GMA is a community of data driven marketers and YOUR opinion counts.