GDPR is set to alter the ways in which businesses operate and will certainly have an impact on the way your organisation undertakes its marketing in 2018 and beyond. Having recently completed a GDPR for Marketers training course through the CIM, Managing Director, Katrina Cliffe takes a detailed look at what is to come for marketing in 2018.
As a business owner myself, I’m aware of the additional pressure this new legislation will have on businesses. Ensuring you are compliant is set to cause a lot of headaches and undoubtedly expense! Not being compliant, however, could cost a LOT more so it’s important to prioritise GDPR.
What do I need to do first?
You need to appoint a Data Controller, someone who is going to lead on this project. This may be an existing member of staff or a newly appointed role.
Once appointed, they should pay a visit to the Information Commissioner’s Office (ICO) website and complete the “Getting Ready for GDPR” self-assessment. This generates a checklist of activities that need to be undertaken to become compliant.
Remember, this will provide an overview of what you need to undertake for all areas of GDPR – not just marketing!
How is GDPR going to affect my marketing activity?
I simply don’t have enough space in Topic to detail all the ways GDPR is going to affect marketing. Basic steps required will, however, include updates to T&C’s, privacy policies, data capture forms (think double opt-in), the channels used to communicate and data storage and handling. Therefore, if you don’t have an effective CRM system in place, now is probably the right time to do it!
Alongside this, marketing platforms such as MailChimp and hosting providers will be required to demonstrate GDPR compliance and advise how they store and handle your or your clients’ data. If they can’t-do this, you may need to consider alternatives.
The ICO checklist will guide businesses, but it’s important to be aware that it’s not just about the data you hold, but the data you share, which is going to become even more complex, especially with marketing agency or third party software relationships.
Is there a difference between B2B and B2C marketing?
Yes, but overall the laws of GDPR will still apply. GDPR from a marketing perspective is being brought in to benefit and protect the consumer, and there are good reasons for it.
Whether you’re a B2B or a B2C marketer, getting to grips with GDPR best practices for marketers will have many rewards.
In regards to marketing though, this is about the data you hold on customers / potential customers and more importantly if you can demonstrate that they have given informed consent to receive communications.
Unless you can prove consent it might be a good idea to put a pause on your activity.
How can we gain consent?
Again, the ICO, your marketing agency or your legal team should be able to guide you through this process.
Ultimately though, there are four key pillars of consent
- Control: The subject must be in control of what they are signing up for e.g. no pre-ticked boxes on sign-up forms.
- Transparency: Consent must be informed – what are they signing up to?
- Notification: How do they request information on data held or request removal?
- Verifiable: Can you prove you have consent?
Next steps
The ICO has lots of useful information on How to Prepare for GDPR, or you could attend one of our upcoming training seminars where we provide an in-depth overview of how to get your marketing prepared for GDPR. Visit www.wild-pr.co.uk for more information.
*Originally published in Topic UK November 2017*