
Wednesday, 23 May 2018 00:00

Marketers: Comply with GDPR or Risk Hefty Fines


The date for compliance with the European General Data Protection Regulation (GDPR), May 25, 2018, is approaching fast. Are you ready? Read on to understand what GDPR is, why it exists, how it affects consumers and what marketers and their organizations need to do to abide by it.

What Is the GDPR and Which Companies Need to Comply?

The GDPR requires that all businesses that use European Union (EU) citizens’ personal information, no matter where their headquarters are, must observe privacy regulations related to that data. Given the global nature of most large corporations, it’s likely most need to prepare to fulfill GDPR guidelines now.

GDPR includes rules related to how companies collect and protect personal data. The cost of non-compliance is up to four percent of an enterprise’s worldwide revenues or 20 million Euros, whichever is higher. Clearly, non-compliance can have damaging effects on an organization’s bottom line. 

Why Is GDPR Necessary?

Members of the EU decided that companies doing business in EU countries needed shared standards for personal data protection. These requirements would enable Europeans to control their own data and feel comfortable in today’s digital world.

How Does GDPR Affect You as a Consumer?

Think about how often you share data, such as your name, address and credit card numbers. For instance, you exchange information when you access your bank’s services, buy from retailers, engage on social media platforms and even when you visit the doctor. Since it’s hard to navigate nowadays without leaving a digital footprint, you and other consumers will probably feel more comfortable under the GDPR, knowing it protects your data from misuse.

How Does GDPR Impact You as a Marketer?

The good news is that rather than grappling with different laws for each European country, you will have one regulation with which to comply that spans the EU. It requires that your company:

  • Builds privacy into your website and any digital products
  • Conducts regular analyses on how your company collects, uses, shares and maintains personally identifiable information
  • Reinforces the way your organization gains permission to use data
  • Keeps tabs on how your business uses personal information
  • Enhances data breach communication

That’s the big picture. Now, let’s dig into some specifics:

  • The New Rules on Opt-Ins

    How you gain permission to use information is a big issue. Email opt-in best practices are now written into the law.

    You can no longer assume individuals want to communicate with your company just because they have requested, for example, an e-book. People, including leads, prospects and customers, will need to deliberately confirm that they want you to contact them. That means no more pre-checked boxes that automatically opt people into your mailing list.

  • The Right to Be Forgotten

    What if someone gives consent to you to use their data, then decides later they’d prefer you to forget they existed? It’s their right to do so. Also, you must make sure it’s easy for them to access their data and tell you not to use it anymore. Again, that goes back to a well-accepted procedure that many companies have already incorporated — including an unsubscribe link in email marketing communications that makes it easy for email list subscribers to change their email preferences.

  • The Requirement to Focus on the Data You Need

    If you’re selling software, you probably don’t need to know that someone’s favorite color is blue. The GDPR stipulates that you should only collect the data you need to conduct business. Thus, you must now be able to justify any information you store. That means sticking with the basics, a practice which benefits you by making your data collection and storage job easier.

How Does GDPR Affect Other Functional Areas?

Because personal information that falls into the wrong hands is at risk of being used with malicious intent, your company will need to protect personal data from breaches. Likely, you can enlist the support of your IT department to address this aspect of the law.

There’s a Silver Lining in the Cloud

At first, complying with GDPR may seem overwhelming. However, when you take a step back, the new rules are merely forcing you to take a customer-centric approach to your marketing communication. In the long run, that’s what’s best for your business.

For example, when you ask customers, leads and prospects for consent to use their data (opting in), you can also give them an option to tell you what interests them. This additional information helps you to segment your communications and ensure a high level of engagement. Plus, you’ll be able to get a better measure of email effectiveness once you cull people from the list for whom it’s not relevant.

To implement “the right to be forgotten,” you will need to have all your customer and prospect information in one CRM platform. Otherwise, you run the risk of deleting data from one place that pops up somewhere else. After doing so, you’ll have all information in one place and be better able to serve your clientele.

In general, by treating personal data with respect and ensuring it’s secure, you’ll build trust with your customers, an essential ingredient for long-term, profitable relationships.

If you need help with data and list management, call 3D2B at +1 718-709-0900 (US) or +39 06 978446 60 (EMEA), or contact us online.