Back to Blog

Disclaimer: We want to point out that this blog post is not legal advice for your company to use in complying with EU data privacy laws like the GDPR. Instead, it provides you with insightful background information to help you better understand the GDPR. This legal information is not the same as legal advice, where an attorney applies the law to your specific circumstances, so we insist that you should consult with an attorney if you’d like advice on your interpretation of this information or its accuracy. This is only giving you background information.

 

GDPR how it affects Marketing

Under GDPR marketing can no longer just email their newsletter to people in their database, before may 25’th they would need to ask all subscribers or people in their list to double opt-in to comply when emailing after the cut-off date.

On the surface, GDPR might seem extreme, especially for smaller businesses or even mid sized. From the get-go there are only 3 key focus areas that marketers need to worry about – data permission, data access and data focus. Let’s take a look at each of these individually to understand the changes.

1. Data Permission

Data permission is about how you manage email opt-ins –people who request to receive promotional material from you. You can’t assume that they want to be contacted. In the future, they need to express consent in a ‘freely given, specific, informed, and unambiguous’ way, which is reinforced by a ‘clear affirmative action’.

Wait, what does that mean?

In practice, this means that leads, customers, partners, etc. need to physically confirm that they want to be contacted. You need to make sure you’ve actively sought (and not assumed) permission from your prospects and customers, confirming they want to be contacted. Therefore, a pre-ticked box that automatically opts them in won’t cut it anymore – opt-ins need to be a deliberate choice.

2. Data Access

The right to be forgotten has become one of the most talked about rulings in EU Justice Court history, and it is a fundamental part of GDPR. It gives people the right to have outdated or inaccurate personal data to be removed and has, in some instances, already been implemented by companies like Google, whom has been enforce to remove people from search results.

The introduction of the GDPR offers individuals a method to gain more control over how their data is collected and used – including the ability to access or remove it – in line with their right to be forgotten.

As a marketer, it will be your responsibility to make sure that your users can easily access their data and remove consent for its use.

Practically speaking, this can be as straightforward as including an unsubscribe link within your email marketing template and linking to a user profile that allows users to manage their email preferences and to globally Opt-Out.

3. Data Focus

As marketers, we can all be guilty of collecting a little more data from a person than we actually need. Ask yourself, do I really need to know someone’s favorite hobby before they can subscribe to our newsletter?

Probably not.

With this in mind, GDPR requires you to legally justify the processing of the personal data you collect, only ask for what you can justify and need!

Don’t worry; this is not as scary as it sounds, it is all in fairness something that benefit all of us.

What this means is that you need to focus on the data you need, and stop asking for the “nice to haves” andunnessacery data. If you really need to know a visitors shoe size and their favorite wine, and can prove why you need it, then you can continue asking for it. Otherwise, avoid collecting any unnecessary data and stick with the basics.

These are some fundamentals to keep in mind! And honor opt-outs these shall not be ignored!