GDPR – the Challenges and Opportunities for Marketers
With businesses facing a big potential fines of £20M or 4% of your turnover, compliance with the 2018 General Data Protection Regulation (GDPR) is an important issue for your company. In particular, the legislation will change a number of aspects of digital marketing compliance. These include:
- the definition and implementation of opting in and consent
- keeping a record of how you got the data, where from and how long you are keeping it for
While the impact on digital marketing is huge, we believe it also presents opportunities for marketers and their businesses.
This post offers insight into how the regulation will impact Marketers and in particular, the work of Digital Marketers. In order to ensure full compliance we advise you to seek legal advice and take the time to conduct some further reading on the subject yourself.
GDPR – What Is It?
The General Data Protection Regulation (GDPR) changes the way data is captured, used and managed, for all individuals in the EU.
The purpose is to give all individuals increased control over how their personal data is captured and used.
When will it start?
25th May 2018
This is the final deadline and there is no transitional or grace period after this date.
Who does it affect?
The regulation affects everyone resident in the EU, but there are some specific points that Marketers and Digital Marketers should be aware of.
Any organisation that holds, collects or uses customer data for their marketing or business communications will need to review their processes and ensure they are compliant by the deadline.
The associated fines of non-compliance are up to €20 million or 4% of your global turnover, whichever is greater.
What Do Marketers Need To Do to Comply with the GDPR Regulations
Due to the nature of digital marketing, there are many areas that will be affected by the GDPR changes and should be taken into consideration, to ensure that you comply.
Offering website visitors something in return for opting in can be an effective way to build your database. This can be a whitepaper or a piece of content for example. However, under GDPR, opting in must be an optional tick box, otherwise the consent is not be freely given.
Things to cover in a re-engagement email:
- How you got their personal details
- Why you are contacting them
- What sort of content you will send them in the future if they opt in
- How they can update their communication preferences and opt out
Forms must no longer include pre-ticked boxes as this assumes that implied consent is not freely given.
Offering downloadable content on your website is an effective way of collecting data to use in future campaigns. The ‘thank you for downloading’ completion pages are a good place to gain consent. A simple click through call to action, to ‘opt in’ would work well here.
Social Media Advertising
If you are planning to use email addresses to build lists for social media targeting, then you will also need to tell users about this. They will need to opt in and also be offered the option to opt out too. You will need to obtain consent for the data used on social platforms and the social platforms are also then responsible for the safety of that data.
Users also can opt out of cookie tracking in their browser’s privacy settings.
Your privacy information must be:
‘concise, transparent, intelligible and easily accessible; written in clear and plain language, particularly if addressed to a child; and free of charge.’
The Challenges of GDPR for Marketers
Consent is not Forever
Under GDPR, consent from an initial campaign does not mean you have consent to email the customer about all further marketing activity. You must get explicit opt-in to continue marketing to your database.
A pre-ticked opt-in box is not accptable. The individual must freely and willingly opt in to receive further information.
Using Bought Data
Consent must be gained from the individuals on the list of bought data within a reasonable time frame or on the first correspondence. Even if the third party has gained consent, that does not mean that you are covered.
The Opportunities of GDPR for Marketers
More Quality, Less Quantity
The potential results from your marketing campaigns will be much more relevant, as those individuals have specifically opted in and will be more engaged with your content. This should deliver higher click through and engagement rates, which is a good thing.
Preparing for and adhering to GDPR regulations means you finally have to ensure your data is up to date.
GDPR Marketers Checklist:
- Think about your ‘opt in’ campaign and how you can gain consent
- Review your current data and whether or not you would be able to show where consent was gained for these contacts if you were asked
- Update all the forms on your website so that they are in line with the regulations, eg no pre-ticked boxes etc
- Store information on how consent was gathered using your CRM
- Decide how you are going to offer individuals the chance to view, update and remove the data which you hold about them.
- Decide on how long consent is valid for in terms of your business and also a process for gaining consent after this time elapses
- Think about alternative marketing methods alternative to email.
If you are unsure about anything relating to GDPR and your business, we advise that you seek some independent legal advice.
The ICO has compiled the below documents: