GDPR (General Data Protection Regulation) came into force on the 25th of May, 2018. GDPR has two main purposes.
First, the regulation provides a reference framework that establishes the ways in which companies may collect, store, use, and share personal data.
Second, individuals are granted greater controls over how their data is collected and used. These kinds of restrictions may sound intimidating to marketers who rely on old techniques of gathering large quantities of personal data, but with steep fines for non-compliance in place, there’s every reason to take a second look and make sure your company is compliant.
If you think that you need instant professional help, consult a company who specialise in IT solutions. Otherwise, let’s look at a quick GDPR refresher course for marketers.
Your Mailing List
A primary step that you can take in ensuring that your company is GDPR compliant is performing an audit of your mailing list. At the time that GDPR was rolled out in 2018, you may recall having received numerous email notifications from a host of companies asking you to ‘opt-in’ to further communications. This email confirmation that the user wishes to remain part of the mailing list is essential to record keeping required under GDPR.
If you have bought mailing lists in the past, and if that mailing list is extensive (i.e. in the tens of thousands of email address), consider deleting the mailing list so as to ensure all communication going forwards is fully complaint (this was a move made by several major high street brands).
Update your staff and computer systems
In times gone by, data collection involved a sales team and a spreadsheet (or another easy to access shared document). Customers/clients could not access this store of their personal information, nor were they able to review the company’s policy for what would happen to the data.
In order to be GDPR compliant, companies must act to remedy these issues. If your current IT solutions relating to data collection do not progress much beyond the now outdated method of simply storing names, addresses, phone number, etc., on a document or spreadsheet, look into the benefits of updating to a CRM (Customer Relationship Management) system.
Train your staff to use the new system, and not only will your company take a huge step towards GDPR compliance, but you could also stand to benefit from client retention and greater sales.
Your Privacy Statement
Old school privacy statements that are jargon-heavy and worded in a way that could feasibly be taken to have several meanings are most definitely a GDPR fail. Remove and replace any content that is difficult to read. Customers must have access to clear information that describes the company’s privacy policy.
The overall message should include several basic features of GDPR. This includes stating that the company adheres to a strict no-contact approach unless the client or customer has given explicit consent to be contacted. Be sure to research the rules specific to your sector and highlight exactly how you intend to collect, store, use or share data.
Leave a Reply