By Sophie Lowe
Although some marketing professionals are busy preparing for the EU General Data Protection Regulation (GDPR) ahead of when it comes into play, this May, recent research from Smart Insights indicates that only around 6 per cent feel that they are ready for the change in legislation.
Organisations who are not compliant may face a penalty of up to twenty million euros or 4 per cent of annual global turnover - whichever is greater. If you still do not fully understand the law and best practices for using consumers' personal data post-GDPR, at SCS Marketing & PR, we have prepared a handy overview as a starting point.
WHAT IS GDPR?
The EU General Data Protection Regulation (GDPR) was designed to protect all EU citizens and their personal data and change the way all organisations approach data privacy. It will require all businesses to build in privacy settings into their digital products and website and have these privacy settings switched on at all times.
Since it is a regulation, it means that it is legally binding for all companies and failure to comply could lead to fines. The GDPR has replaced the Data Protection Directive, that was only a legislation, and therefore not legally binding. GDPR was approved by the EU Parliament on April 14, 2016 and will be officially enforced on May 25, 2018.
WHO DOES THE GDPR AFFECT?
The GDPR regulation will affect all organisations located within the EU, but also any organisations located outside of the EU that offer goods and services within the EU, which will undoubtedly include the UK regardless of the final ramifications of Brexit.
HOW WILL GDPR EFFECT MARKETING?
1) Data Permission
Under the GDPR, businesses will need to consider their email opt-ins, meaning they will no longer be able to assume that customers and prospects wish to be contacted. This means that organisations will need to obtain actual consent from its customers before contacting them and not assume that they have their permission to do so. Once an email is sent to a customer or potential customer, this data must not be stored to use for marketing purposes, otherwise the business is in violation of GDPR.
However, by actively pursuing consent, marketers will be able to learn about their users interests and what information they want to receive.
2) Data Access
The GDPR will offer people the chance to feel more in control of their personal data and will be able access or remote it if they choose to. In terms of marketing, it the responsibility of the business to allow their users easy access to their data by giving the option for them to unsubscribe from mailing subscriptions, for example.
3) Data Focus
Companies will also be required to only collect data from users that they can legally justify collecting. By this, the law means essential data that the business can utilise to make its marketing more effective to each individual user and their interests, rather than data that is not important or necessary for you to know about.