General Data Protection Regulation for Marketing
The law is changing in 2018. It will affect all businesses and the way you do your marketing. It will affect the way you do any email marketing, make sales calls or send direct mail. I wrote a blog for a client recently about it (click here) and attended a seminar to try and understand what it means for marketers. I have to say it’s not one of the most exciting things I’ve written about, but it is something everyone needs to be aware of in 2018 and implement changes.
What is GDPR?
The General Data Protection Regulation (GDPR) is a regulation by which the EU intends to strengthen and unify data protection for all individuals within the European Union (EU). It is set to replace the Data Protection Act of 1998. The GDPR will apply in all EU member states from 25 May 2018.
What do I need to do?
I would suggest you address this as soon as you can and be prepared…don’t just wait until May to sort it out! If you want to read more in-depth, click here and read my client blog. Alternatively here are a few things to bear in mind that might get your started…
3 – It is now not only their permission you have to ask for, you also need to record when they gave you permission and log when they opted in. If you get an email notification when someone registers that may be enough, but you must keep the email secure.
4 – People have the right to tell you to stop marketing to them and you must make it easy for them to opt out of any future email marketing. Make sure you have that unsubscribe button on your email. If it is a printed mailer, make sure you have a phone number/address that people can contact to stop receiving things. Make sure you keep a list of their details and stop sending them things, otherwise you could face a big fine.
5 – Is your website secure? Does it have a little padlock symbol in the address bar, or did you get an SSL certificate? If you store any data whatsoever on your website, you must have an SSL certificate, which encrypts the transmission of any data. Even a contact form can be passing data, so it is safest to have one. Ask your web designer about it.
6 – You don’t need explicit consent to send a mailer, letter or brochure, provided you make it clear how they can stop receiving them in the future and the content is relevant to them. This comes under ‘legitimate interests of your business’
7 – there is a misconception that GDPR only applies to personal data, but it applies to business data as well, even if you only email corporate email addresses the law still applies.
As a member of the Chartered Institue of Marketing it has been important to me to try to understand GDPR for my business, but also to advise clients as well. I don’t know everything and am still doing lots of research and learning, but I hope that I can become more knowledgeable and in turn help my clients.
Watch this space for further updates