In 4 months’ time, the new EU General Data Regulation (GDPR) will come into effect in Europe, and will seek to improve the transparency and efficiency of data protection by giving individuals more control over the personal data. Failure to comply with the new regulation carries substantial consequences; organisations can be fined up to 4% of their annual global turnover and, in the worst-case scenario, closed completely until they are compliant.
Here at Operatix, we are taking GDPR very seriously and our team is working towards 100% compliance. Third party providers are being questioned about their compliance plans, our website is being amended and processes have been changed to meet GDPR requirements. Management, IT, HR and Marketing are working together to guarantee our data is safe and used in alignment with the new requirements.
Here are our key pointers B2B marketers must bear in mind when the new rules come into play in May 2018.
When GDPR comes into force, giving individuals the choice to ‘opt out’ of receiving marketing communications is no longer sufficient; instead, they must be given the clear choice to ‘opt-in’.
With this, comes the issue of ‘incentivised opt-ins’ whereby customers are given preferential treatment or exclusive access if they choose to opt-in to communications from a company. An incentivised opt-in runs the risk of taking away the component of ‘valid consent’. Under GDPR “consent should not be regarded as freely given if the data subject has no genuine or free choice or is unable to refuse or withdraw consent without detriment.”
It may still be possible to incentivise consent in some cases. For example, offering an individual the chance to join a loyalty scheme (which may come with perks) upon opting-in could be seen to be an incentive- though not wholly disadvantageous to those who choose not to opt in.
Marketing automation platforms and Customer Relationship Management (CRM) systems such as Sales Force and HubSpot are staples of many marketing teams and can significantly contribute to their data networks. It is essential that marketers investigate whether their suppliers are ready to embrace the new GDPR regulations and have prepared to be compliant. The onus is most certainly on marketers – as they will ultimately be held responsible if a breach occurs, not the third-party supplier.
B2B marketers must now also ensure that the materials they are communicating to individuals are relevant to that individual’s job role; this reflects ‘best practice’ and transparency, which in turn works towards guaranteeing compliance.
Indeed, this is best in terms of GDPR compliance, but additionally, by ensuring materials are only marketed to relevant individuals, marketing teams will be left with a richer, more valuable data set that is of much higher value and quality – so it is advantageous on all fronts.
Telephone marketing will bring with it different challenges under GDPR, but nonetheless, is equally as important.
Telephone marketers must, as is the case with digital communications, give individuals the option to “opt-out” of further calls. To make sure this can be proven in court and to comply with GDPR, it will be pertinent to record every call. In most cases, personal data and information may be disclosed in the recording in some way- and the recordings must be stored securely to meet GDPR requirements.
There are less than 150 days for B2B marketers to get GDPR compliant- the time to act is now.