The GDPR is quickly approaching. This new law will become effective on 25 May 2018. It will change the way marketers identify and approach prospects, and how organizations store, process, and manage individuals’ data.
Marketing practices sit directly on the firing line for many of these regulations. Data-driven marketers will need to change their approach to profiling, contractual arrangements, data processing, consent, and other key aspects that fall under the GDPR. They must also ensure that they're able to delete data upon request. This is known as the right to be forgotten.
For some organizations, the GDPR may only mean a few tweaks to existing processes. For others, a complete overhaul of data processing will be required. As tedious as it may seem, it’s essential to understand and follow the rules.
Data is the foundation of successful advertising. It gives an insight into your prospects, revealing crucial information like what they want and how likely they are to buy your products. The GDPR is about protecting personal data. However, this doesn't mean that it's going to hamper your marketing efforts.
Companies that follow these rules and show a commitment to social responsibility will flourish. Think of the GDPR as an evolution in data protection, and not as an unnecessary burden. After all, it's based on the core principles of good marketing: transparency, fairness, security, accuracy, and respect for individuals’ rights. Once you understand these rules, tweak your advertising efforts accordingly.
Here are a few points for marketers to keep in mind:
1. Consent Must Be Given, Not Assumed
Under the new data protection law, implied consent will no longer be an option. Individuals (data subjects) must explicitly allow their personal data to be collected and processed.
Even though double opt-in isn't necessary, it's highly recommended. Plus, it's better to have a small number of subscribers who are genuinely interested in your products or services than thousands who can barely remember joining your list months ago.
Additionally, marketing managers need to inform customers how their data is going to be used. Data subjects need to be able to withdraw consent at any time.
Let's take the following scenario. A customer visits your website after seeing an ad, fills in the form with his name and email address, and downloads your eBook.
According to the GDPR, you may not store his contact details or send further marketing emails, newsletters, and other materials. Once the customer has received the eBook he signed up for, your job is done.
So, how are you supposed to grow your list? To keep in touch with your contacts, use a double opt-in.
For instance, you can add a tick box to opt-in on the subscription page. Explain how the customer's data is going to be used. Basically, those who download your eBook will have the option to tick a second box so they can receive emails from your organization.
The same rules apply to social media platforms. Marketers who intend to use email addresses to build lists for social media targeting will need to inform the data subjects about it. Consent is mandatory for direct marketing as well.
2. Beware of Your Geographical Limits
The GDPR applies to all businesses that engage with EU citizens, not just to those operating in the European Union. This means that if your business is based in the U.S. and you're targeting a global audience that includes EU individuals, you must comply with the new data protection rules.
Also, beware that you may need to update and revise your contracts with vendors, suppliers, and other processors that will have access to EU personal data.
3. Give Customers the Right to Be Forgotten
About 90 percent of organizations believe that deleting customer data is too difficult. Yet, this is one of the key requirements that come with the GDPR.
From now on, marketing managers will need to ensure that they are able to delete data upon request – if the data is used for marketing purposes. They are required to use marketing automation platforms that enable full deletion of a contact. It's your responsibility to address these requests within one month of receiving them.
According to the new data protection law, all privacy notices must be easily accessible, transparent, and written in plain language. They should include key information, such as:
- How personal data will be used
- How long personal data will be stored
- Details of transfers to third-parties
- The right to withdraw consent at any time
- Information related to IP tracking and cookies
Privacy notices must be provided at the time the data is obtained, or the first time it is being used, but within one month - unless gathered directly from the individual. In that case, privacy notices must be available at the time the data is gathered.
5. Rethink Your CRM Strategy
The GDPR will have a direct impact on your company’s relationships with customers and prospects. As a marketing manager, you need to reconsider the kind of data you collect as well as how you store, process, and transfer it.
Make sure you're only collecting what’s necessary. All of your actions should have a legal ground and a clear purpose.
Next, encrypt stored data to keep it safe. Privacy and security are paramount. Make sure the data cannot be accessed without authorization.
Get rid of data you no longer need and update any data you already have. For subscription forms, only ask for what you'll need and use. Beware that marketers will be required to keep a record of their collection and use of data.
6. Focus on Customer Experience
The GDPR isn't meant to keep you from growing your business and acquiring leads. On the contrary, it will improve customer experience and create a more efficient data economy.
Now more than ever, it's important to focus on your customers and what you can do for them. Give prospects a reason to sign up for your list, buy your products, and provide their data to help your business grow.
For instance, people are happy to share their email address if they receive something in exchange, such as an interesting eBook or a handy guide. As a marketer, you can create a content marketing strategy that draws customers in and keeps them coming back for more.
Every time you publish a new post, launch a new offer, or give away a free report, think about your audience and its needs. Emphasize quality over quantity, and use transparent data practices.
Get creative with your marketing efforts and work on improving your advertising campaigns. This will lead to higher click-through and engagement rates, better targeting, and hence, more sales.
As a marketing manager, you need to make the GDPR work. Your practices shouldn’t be pushy or mysterious for consumers, but fair and transparent. By following these rules, you will be able to operate confidently while increasing customer trust in your business.