As well as endless discussions about where the sunshine has gone and upcoming holiday destinations, August saw a focus within Hunterlodge on the impact the upcoming General Data Protection Regulation (GDPR) will have on marketing both for us and our clients. If you work in marketing and haven?t heard of it, the likelihood is you’ve been out of the country for the past year.
Coming into place in May 2018, GDPR will have far-reaching implications on how companies gather, store, protect and use personal data in the future. Compliance with GDPR law is not just about best practice either falling foul of the new legalities could see companies facing penalties of up to £20m or four per cent or annual global turnover whichever is higher.
In essence, GDPR is introducing more accountability into data protection from next year, an organisation will need to actively show how it complies to the new regulations. Key to this is the issue of consent. According to the Information Commissioner’s Office: “Consent under GDPR must be a freely given, specific, informed and unambiguous indication of the individual’s wishes. There must be some form of affirmative action or in other words, a positive opt-in consent cannot be inferred from silence, pre-ticked boxes or inactivity. And if you can’t prove how you obtained consent the likelihood is you will be fined.
It might seem a long way off, but complying to these regulations will take focused effort and time to make sure you are getting it right. We have been working with our clients over the last six months to ensure they are preparing early for the changes and beginning to implement strategies of co-operation which include:
- Carry out a data audit what data do you hold, where have you gathered this information from, how do you use it and share it?
- Appoint a data protection officer if necessary to ensure all your efforts meet the new regulations
- Incorporate new rules on individuals” rights and subject access requests into all your data operations
- Implement new consent regulations going forward and refresh any existing data if it doesn’t meet the new GDPR standards
- Draw up new codes of conduct and policies how you collect personal data and process fairly and transparently, your technical and organisations measures for security and data protection, what happens when breaches occur along with your dispute resolution procedures
Tight data rules have always been in place for B2C organisations. However, the B2B arena has seen greater flexibility without the specific requirements of opt-in consent. B2B marketing related activities have relied on providing an opt-out in order to establish content. However, this could be set to change if leaked versions of GDPR law are to be believed which will have a major impact on B2B companies.
Until the final legislation has been released, the full extent of these changes is unknown but we are advising our clients to follow best practices in their communications and encouraging opt-ins and engagement with relevant content. Whether GDPR consent rules apply to B2B organisations or not, it is much more beneficial to market to individuals who have actively opted in to receive your content. You might have a smaller database to market to but there is not always strength in numbers. Certainly, in this instance, quality wins out over quantity.
Although GDPR law seems like a scary prospect, it won’t herald the end of marketing as we know it. Many organisations are already following the best practices laid out by GDPR and still manage to generate leads and convert opportunities into business.
Successful marketing in a GDPR era will rely on companies understanding the needs of potential customers and providing them with useful and relevant content that adds value and provokes active future engagement with your organisation.