This time marketers got famous for the wrong reasons.
After data theft accusations brought many online and data companies into limelight, many governments reacted to it. International laws managing free data got responsively stringent.
Mark Zuckerberg, Founder and CEO of Facebook also was not spared from legal trials and many other companies were brought under the radar.
The European Union responded to this responsibly by announcing The General Data Protection Regulation (GDPR) (EU) 2016/679, a regulation in EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. Source: Wikipedia
GDPR is effective from 25th May, 2018 onward.
This article will not only summarize Gdpr, but also will educate you about ethical and legal marketing tactics that a marketer can use to know more about the prospect. It will also aid you with inbound marketing tactics that could be used to seek personal data of prospects and customers with permission.
GDPR and its effect on Marketing
GDPR will largely affect marketers who work with customers and audience in the EU territory. This law requires marketers to take permission of users before asking for information. The terms and conditions should explicitly state and make the user or customer aware of how the personal information will be retrieved and used.
This means, opt-out would not be an option of the marketer but a mandatory choice offered to the user. This indicates that the responsibility to explain why the user should opt-in remains with the organization or marketer collecting any such information.
1. GDPR and Email
Yes, you need to re-send a request to opt-in for your emails to your entire list of existing users. It may be overwhelming for some of those organizations which have not done this in the past. However, legally emails are subject to another regulation Privacy and Electronic Communications Regulations, ‘PECR’.
2. GDPR and Customer profiling
GDPR has severely affected efficient customer profiling. Individual’s habits or personal data that may result in a decision that would impact their life could be a lot harder to get. Any such information drawn using intrusive methods are not compliant under the law. However, use of anonymous data that explains sales trends and patterns is permissible.
3. GDPR and Direct mail
If there is a legitimate reason, a marketer can use the information of direct mail to communicate. Such information can be kept for two years and not more than that for commercial use.
4. You may also want to know what ‘Privacy Shield’ is.
‘Privacy Shield’ is an equivalent legislation to GDPR is the United States of America. Privacy Shield is an agreement between EU and USA, that handles how data is managed and handled by companies in US.
You can also read the legal guide to GDPR.
Why should you be GDPR compliant?
There are obvious legal compulsions that compel your organization to be GDPR compliant. But, here are few other reasons.
Penalty
The lower level of fine, up to €10 million or 2% of the company’s global annual turnover, and the higher level of fine, up to €20 million or 4% of the company’s global annual turnover.
ROI, response rate.
While the law requires you to once again seek permission of your subscribers to hold on to the personal data, there is a positive side to it. Through this process, your email lists may reduce drastically due to opt-outs. However, the eventual effect would be increase in the quality of the list. This would help in increasing open and response rates due to the high relevance and also your Return on Investment (ROI).
How can Inbound Marketing help you in being GDPR compliant?
Inbound marketing is a process of encouraging a prospect or lead to provide email ID and other personal information voluntarily. This means that you are seeking permission and you are being offered personal information with full consent of the user.
Gated Content, free consultation, demo, drip tutorial are some of the means used by an inbound marketer to seek user information. Inbound marketing helps you design a campaign using more such tools and techniques to seek information.
We will take you through the different stages of inbound marketing and how you can stay complaint while extracting personal data and still continue your marketing activities.
Data Collection
Forms & True Data
Inbound marketing allows you to collect data of people with permission. However, with GDPR, you will need to specify why is this data being collected and how will it be used in the future. At the same time, you also need to provide an option to opt-out of it.
Data Relevance
You need to be specific about what information you seek from the user or data subject. The data being drawn should be relevant and be purposeful to the interaction or activities followed by the submission of such data.
Data Storage and Processing
- Purpose
As mentioned earlier, the purpose and reasons of data utilization must be stated and informed to those who are sharing their data with marketers. Also, the utilization has to be within the legitimate scope stated by the law.
- Security
It is the responsibility of the marketer or organization that is collecting to keep it safe. Necessary technical and organizational measures need to be taken by the data collector to ensure that there is no misuse, theft or misappropriation of the data and the user’s confidentiality and anonymity is not compromised.
- Accountability
Though a third party is involved in collecting data or using it, the organization that has directed it or is being used for needs to take complete responsibility of data and GDPR compliance.
How to be GDPR compliant?
Now, it is your turn to be GDPR compliant.
1. Access and Audit
Investigate all your data sources and audit to find out if any of them hold personal data of consumers. Though you may not be in the business of handling business data, you need to run this exercise. This could mean that you are a SaaS business or any such business holding data on behalf of your client.
2. Repermission
Once you identify the sources and data, seek permission of those individuals if you can hold such information and also help them cognizant that you are using their data to either directly or indirectly store, process or report that information. This includes databases, servers, emails or any other application.
3. Data Reporting & Data Processing
Both types of organizations deal with personal data — reporting as well as processing companies. In both cases, companies need to adhere to GDPR.
4. Privacy Policy
Revisit your privacy policy and update your users and customers about how their data will be used, processed and published. This also means you need to seek permission personally from each and every user.
Marketer’s takeaway
This just reminds us to rely on ethical processes while exploring different means to get closer to your audience. As much as it is exciting to know more about the consumer, it is an equal responsibility to stay righteous in respecting the privacy and protecting the honour of your consumers.
The post What is GDPR and Why you Need to Start Considering Inbound Marketing? appeared first on The Smarketers.
