GDPR (General Data Protection Regulation) comes into effect in six months and it will have a number of implications for your marketing department.
The GDPR becomes regulation on 25th May 2018 and will apply in 28 EU countries. The purpose of this regulation is to ‘strengthen and unify data protection for all individuals within the European Union’. The updated regulation will deliver greater transparency on the use of data. Furthermore, businesses will have to explain how they have obtained data with consent from new and existing prospects, it will also include those people who are stored within organisational CRM’s, systems, infrastructure and more.
GDPR is enforceable and doesn’t require national governments to pass any new or enabling legislation for it to start. Under the new guidelines, the collection of data needs to be relevant for its purpose. For example, if today you run a competition or engagement related marketing activity to grow your email database you may only use that data to remarket for that purpose. Under new guidelines you wouldn’t be able to use that information for another competition or purpose. If you did wish to use that data for another purpose you would now require further consent from those entrants. Yes marketers, the rules are changing!
In terms of traditional digital marketing best practice, it’s often been suggested that growing your database of contacts will drive your business forward but now you will have to do a lot more work to be compliant! Under the new regulation, you will be required to cleanse and review your organisational data and be able to produce consent from those people who are within it. Consent is now defined as ‘acceptance from an organisation to use individual’s personal information in a lawful and fair way, which doesn’t breach any un-legitimate or ethical process’. Additional notes on that information should also be kept, which can include how and when that data was collected, and the accuracy of that data. 2018 is going to be an interesting year for some organisations!
But what does it actually mean for marketing professionals?
How the GDPR affect your marketing department?
Although it may look on the face of it that GDPR is going to change everything, it isn’t, nor is it hard to comply with. However, it should be noted that from a marketing angle, internal thinking and processes will have to be altered (in some cases) to meet changing requirements.
‘..Freely given, specific, informed, and unambiguous’ – Those are the new rules with regards to consent communications. GDPR must be demonstrated with ‘clear affirmative action’. You cannot assume anything! Customers and prospects alike will be required to agree that their data can be used and a pre-ticked box isn’t going to cut the mustard now! More will have to be done to clearly show to individuals what, why and how their data will be and has been used. The fines for regulatory breach will be explained a little later in the article!
Secondly, the changes will mean that you will be giving back power to the people! Individuals will have the right to be removed or forgotten. GDPR has been developed to deliver greater control to individuals on how their data is collected and used. Those people are able to understand and remove their data with due reason. This reinforces the needs for organisations to be legitimate in their approach and use of data. Unlawfully processing data will now have greater ramifications than ever before.
The final major change is the legal implications for the processing of data. The updated regulation is going to mean marketing professionals will have to be better at looking after data. And, they should not look to unnecessarily collect data.
The main areas which will affect Marketing professionals is:
• Putting individuals back in control of their own data
• Portability of data
• Breach notification
• More effective supervision and enforcement
• One-Stop Shop