GDPR is going to drastically change the landscape for businesses dealing with personal and consumer data. The legislation is designed to strengthen the protection of personal data, more specifically it:
- Gives individuals the right to request information about their personal data and how the business uses it within a reasonable timescale.
- Allows individuals to have their data removed on request subject to legal restrictions..
- Allows individuals to have their data moved from one service provider to another.
- Means individuals should not be contacted unless explicit consent has been freely given to the business in accordance with the agreements that were consented too.
- Gives individuals the right to have their data updated.
- Allows individuals to stop their data from being processed.
The ramifications of non-compliance are severe. At the time of writing they are whichever is higher of 4% of annual revenues or €20 million. The legislation doesn’t distinguish between B2C or B2B communications, meaning contacting individuals in their capacity as a director or as an end consumer is considered the same. In short B2B and B2C customers must both navigate this legislation.
Click here to view our Free Customer Guide to GDPR
Implications for Sales and Marketing
- Dealing with the issue of consent for receiving marketing literature is a big issue. Marketers will need to be able to demonstrate how and when consent was given via an auditable trail, so meeting someone at a trade show and adding them to your mailing list like the old days does not constitute consent.
- Having a good handle on your data is essential. With individuals able to request their data be deleted (subject to legal guides), ported, or sent to them in an efficient and secure manner means businesses must have effective controls in place on how customer data is stored.
- A solid Master Data Management (MDM) practice is a hugely important part of any information strategy. Being able to quickly assess which contacts are compliant and non-compliant – with proof – is vital.
- Businesses need to develop strategies for engaging consumers so they do opt-in for their marketing material. This is an opportunity for excellent marketing departments to build trust and better relationships with customers.
Make Sure you’re Compliant – The Basics
1. Review the data you hold: understand where the data sits, and how secure it is.
2. Remove data you don’t use or no longer have a need for, and make sure your data is up to date and only used for the purposes it was obtained for.
3. Make sure your security is tight and that you have a process in place to alert the relevant authorities in the event of a breach and document all breaches be them large or small..
4. Review your documentation so you can prove individuals have given explicit consent to receive marketing communications.
5. Have procedures in place for dealing with the range of data requests you could receive.
How We Can Help
Our Red Flag Alert database is the perfect tool for managing your data. Using our database to update and cleanse your data on a daily basis will ensure you have a handle on the information you hold, allowing you to build out robust MDM processes which are GDPR compliant.
- Our email address list is GDPR compliant so you can rest assured that if you’re operating within the scope of these regulations when using our data.
- Our team of data experts have a detailed understanding of GDPR and can give you advice on ensuring you meet your obligations.
- We help you develop marketing channels which are compliant.
- We help you decipher the Information Commissioner’s recommendations regarding good marketing practice.
- We help you comply with regulations on Privacy and Electronic Communications.
- Our business intelligence database can be integrated into your CRM. This will help you build robust MDM processes so you’ll have clean, up-to-date information to work with.
- Once you have solid MDM processes and know where all your data is this will help you evaluate whether you are complying with GDPR. Any gaps in your process can then be addressed and action taken to bring this up to the necessary standard.