Whether we like it or not, the new general data protection regulation is coming our way. Designed to protect and empower data privacy in the EU, the new GDPR laws will come into force on 25th May 2018. You may be thinking “2018? That’s ages away, that doesn’t affect me, Why am I reading this?” Well, unfortunately this new law is going to impact the majority of UK businesses in one way or another, so the best thing we can do is to prepare well in advance.
We are on the brink of a B2B marketing revolution. In April 2016, the European commission approved new GDPR laws to take effect from May 2018. This gives organisations just over a year to adapt their business processes, sift through their entire databases and rethink their communication and data strategies. A big challenge lies ahead for marketing teams across the country. GDPR requires all of your email subscribers to give explicit consent for your communications. In other words, you will have to try and get everyone in your database to fill in an opt in form to say that they are happy with you emailing them. This is a lot more complex than today’s rules which allow someone to simply ‘opt out’ to stop receiving communications. This is scary news for many. So what do we need to know? We have a look at some of the most common questions about GDPR.
1) Is this the end of email marketing?
It’s not all doom and gloom. As Sam Cooke once said, “A change is gonna come” and with this data refresh comes surprising opt in data benefits, such as higher email open rates, the ability to properly target marketing campaigns and more engagement from the people you actually want to talk to. So, to get as much opt in data as possible, you need to begin the opt in process right now. It’s logical, the more people you can get to agree to opt in over the next year, the more you have left to work with when the law is enforced. Now this is a big job and one many of us are dreading. The task is to create a great, legally-compliant opt in statement and get this out to as many of your target audience as possible. Once you start to receive opt in confirmations, these must be stored and saved in a system, to hold evidence of your opted in data.
2) What do I need to put in my opt-in statements?
Your opt in statements must align with EU GDPR guidelines in order to be compliant. Here are the main things you need to incorporate:
• It must be clearly implied that by opting in, the subscriber is giving permission to receive ongoing marketing communications from your business.
• It must show the identity of the company that will have access to the data, including any third parties. There should also be contact information for the company.
• It must contain an unsubscribe/opt out button with no negative connotations.
• The subscriber must take an affirmative action in order to qualify, e.g. a ticked box, click through. Silence does not mean consent.
3) This seems like a lot of effort, what if I don’t bother?
If you choose to ignore the GDPR laws and continue to market to personal data, i.e. any information that can be used to identify a person such as an email address, without consent, your business could face a fine of up to €20 million or 4% of your global annual turnover – whichever is higher. These fines are much stricter than current penalties appear, therefore following the new guidelines is going to be an essential part of your business, or you run the risk of punitive, costly action. You need to be able to prove you have explicit consent from everyone you are emailing to avoid the fines, therefore you’ll need to get into the habit of storing consent in a safe, accessible location, that is auditable.
4) But we’re leaving the EU so surely this won’t apply to UK businesses?
You’re wrong. UK organisations who still wish to continue trading with the EU Member States after Brexit will still need to have legislation in place to meet EU laws.
For more information about GDPR, please do not hesitate to give us a call on 0344 880 6140 or drop us a line at email@example.com
Like any medium-sized business, we found that as the company grew, our IT systems no longer met our requirements. We needed to move to a more sophisticated IT environment which […]