November 14th, 2017
At this moment in time there is still an air of panic when it comes to the new General Data Protection Regulation. Without making you read the 300 page document, we have put together the key changes to give you a better understanding.
The General Data Protection Regulation Explained
In the advanced digital world, it was only a matter of time before the law changed when it comes to how we handle data. The GDPR was created earlier this year to bring the directive into the 21st century. The law now applies to all EU members and instructs companies that data must be processed in a honest, lawful, and transparent manner.
What about Brexit, I hear you cry! With no actual date confirmed for when the UK will leave the EU, it is crucial that you apply the new regulation. If you do not comply, a hefty fine will be implemented of amounts up to 4% of your company’s annual turnover or enormous fines of up to €20 million!
What counts as ‘Personal Data’?
The GDPR has now broken down what constitutes as personal data in more defined terms.
Personal data is anything connected to an individual; this includes data such as name, email address, age, and location but now online identifiers such as IP addresses and mobile device Id are included.
How will this affect digital marketers?
It is now expected for businesses to be specific about what they will be using the data for and this needs to be clear for the user to see. Long gone are the days of pre-ticked boxes or automatically adding a customer to your mailing list.
You will no longer be able to use personal data without the user’s active consent. All companies have to keep an up to date record stating when and how the user gave permission. A simple way to start this is to include double opt-in on all newsletter sign up forms. Most email servers will keep a record of when the customer gave permission to start receiving email marketing.
The user has always had the right to access any information stored and ask how it has been used. One of the biggest changes is users now have the right to be forgotten, at anytime they can request that all data is deleted. If a user wishes to unsubscribe from your mailing list their data must be deleted and not stored.
What happens to the data already stored?
You may be thinking ‘surely this only applies to new data collected after May 25th, 2018?’ Sadly not, this applies to all data currently stored. If you hold no record of when this data was collected and how the user consented, it can no longer be used. The best way to start getting prepared is to send out a re-permissioning email to everybody on your database. Yes you may lose a large bulk of your mailing list but you are gaining a loyal list of customers.
The GDPR is going to give businesses the biggest data protection adjustment since The Data Protection Act 1998, but it is clear this update is long overdue.
The aim is protect the likes of you and I, as well as everyone within the EU. With so much data now being processed online it is fundamental we stop people abusing this and stop hackers in their tracks.
Yes it’s going to be a pain but it will reward you with a target audience that wants to hear about your latest product or service.
Simple steps you can take to get prepared
- Get double opt-in set up for all email marketing and start keeping records of when and how consent was given.
- Send a re-permissioning newsletter to all your database.
- Make sure that all users have a clear way of updating their mailing preferences and the ability to unsubscribe.
If you are worried about General Data Protection Regulation then please give us a call on 0845 544 3626 to find out how we can help.