What is GDPR?
There are major changes happening just around the corner that goes under the name of General Data Protection Regulation or ‘GDPR’ for short! This regulation is designed to empower people with further control over their personal data. Pencil into your diaries the 25th May 2018 – the date when these new rules will come into play. So you may be wondering, just how is this going to affect you…?
In this report by TRUSTe, they revealed how a whopping 89% of customers actively avoid companies that don’t protect their privacy. And 92% of users online worry about their online privacy! Shockingly 76% of users have limited their online activity in the last year due to privacy concerns! This simply signifies the importance of GDPR regulation and how important it is for people to feel that their personal data is being protected.
Sending emailers? What to do next?
No longer will a soft ‘opt-in’ be enough and you will not be able to automatically opt-in any customers when you’re sending out a mailing via email. It will be essential that you introduce a double opt-in system, which means they need to actively opt-in and give consent and they should then receive a follow-up email that confirms they have given consent to receive further marketing communications. It is also very important to ensure that your opt-in statement is correct and transparent. It is vital to disclose the purpose of the consent, who you share details with and if you share to any third parties.
If you already have a mailing list your consumers are going to need to be re-informed about what data is being collected on them and given the opportunity to opt-out if necessary. This is going to be paramount if you’re to comply with the new GDPR regulations. No matter what stage/prospect you have with a consumer they are going to need to physically opt-in to confirm they want to be contacted and followed up by you. You may have to look at the process you currently take for this. Does it comply with the rules?
For storing and processing of data, it is paramount that it is stored safely and privately. Consumers will also need to be given the option to remove all information you have of them from your database, this will need to be dealt with in an efficient manner.
Now, GDPR compliance does not necessarily mean you have to always get consent, there are 5 other conditions but one I think is worth looking into is called ‘Legitimate Interest’. Response source says:
“Put very simply ‘legitimate interests’ means that if the processing of personal data is a fundamental part of your day-to-day business, without which you would not be able to function, then you should be allowed to continue to do so.”
Although this doesn’t mean that you can simply ignore the new rules and pass it off as ‘legitimate interests’, you must adhere to many other GDPR regulations, for example, the storing and processing of data is dealt with properly. However, it means as a PR agency you can supply press material to journalists that are relevant and useful. However, this suggests you cannot send out press materials to a wide audience of which some of them it may not be relevant to.
Now although the world seems to be in panic mode at the minute, there are some good aspects that come from the new GDPR regulation. This could be a great opportunity to enhance the reputation of your agency. If you’re handling data in a respectful manner it shows people that you’re safe and protecting their personal information. It will also make the structure and process more efficient within your agency when dealing with data which could save time in the long run. From an engagement perspective, the people that are opting into your marketing communications have a genuine interest and will be more likely to engage with your content meaning your list will be more authentic and effective.
If you have any questions on this topic or any feedback please do get in touch! How are you getting ready for the GDPR deadline?