GDPR Compliance is all about Consent.
Consent plays a very big part in digital and direct marketing as the Data Controller and processor have to adhere to a clear set of boundaries which are demonstrated in the following text taken from the regulation.
“Consent” of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by clear affirmative action, signifies agreement to the processing of personal data relating to him or her” (the General Data Protection law Regulation).
If we analyse the regulation with reference to consent there are definitely some clear guidelines that outline the dos and don’ts of gaining consent;
You must be able to demonstrate how the data subject has consented to the processing which means marketing must record how and who gave consent.
The data subject must be able to withdraw consent at any time (the right to object) and it shall be as easy to withdraw consent as to give it. This must be demonstrated by the company’s GDPR Compliance policy and process on how to withdraw consent.
Consent should cover all processing activities carried out for the same purposes.
If processing for multiple purposes consent should be given for all of those purposes.
Consent should not be considered freely given if the data subject has no genuine or free choice.
Silent consent, pre-ticked boxes, or inactivity should not constitute consent.
The main rule of thumb for GDPR Compliance is that consent must be given and not assumed. Already I am seeing corporations update their websites and changing the language they use to clarify the purpose of collecting the data and what it is going to be used for. Then there is a physical action such as having an opt-in box so they can record how the data subject gave consent. In the past, the purposes of using personal data would have been written in lengthy legal and corporate jargon. However, in GDPR the purpose has to be unambiguous, clear, and simple. If it is not then it will not be accepted.
In a nutshell, with GDPR compliance, you must have permission to specifically target an individual with a marketing message.
The Benefits and Opportunities of the GDPR Compliance for Marketers
It’s important to remember the GDPR does present a number of opportunities for both B2B and B2C marketers:
More Effective Email Marketing
As it stands, B2B data for Sole Traders and Partnerships will be treated in the same way as B2C data, and therefore, opt-in is required (for registered businesses, then the current guidelines from the ICO state that ‘opt-out’ will remain the standard).
Under the new GDPR compliance, individuals will need to opt-in to marketing communications and the organisation responsible for the data will need to be able to provide evidence of this. Hence a big part of GDPR compliance is cleansing and fine-tuning your current databases. For some, this may mean a dramatic loss of data. However, this shouldn’t be alarming – if they’re not engaging, how much will that matter? A refined list of individuals who have opted into communications should be much more engaged, resulting in higher click-through, open, and engagement rates in email campaigns.
Increased Customer Confidence
Now more than ever, consumers are aware that their personal data is valuable to businesses. They’re also increasingly suspicious about how their data is used, which is something that GDPR compliance will help to ease. Ultimately, this new level of transparency should lead to customers trusting brands more and having the confidence to share more data.
Avoid Bad PR
Stopping data breaches before they happen should be easier under the new GDPR regulation. Additional data protection and security regulation benefit both the customer and the brand. No business wants to deal with the negative PR which accompanies data losses and breaches.
Positive Organisational Change
GDPR compliance is a great opportunity for organisational change and to get the business ready for the future. We believe, that with change comes opportunity, so the new regulation presents the chance to transform your business culture and processes for the better. In addition, if you’re quick to move and have a new data strategy in place ahead of 2018 you could have that advantage over your competitors.
We always recommend a regular review of your data strategy and customer journeys. If you currently rely on soft opt-in to find new leads then you may have to completely rethink your acquisition process. If you send dynamic content to various target segments, you may need to be more transparent about how you build profiles. There’s a lot to ponder but with nearly a year to go, you have time to test, learn and optimise in line with new regulations.
Raise The Profile of Marketing Within The Organisation.
If marketing steps up to the challenge presented by GDPR Compliance and takes the lead in developing the culture of privacy demanded by the ICO, it should highlight the importance of marketing among senior leaders and increase the credibility of the function within the business.
Conclusion
It’s all about the Content
So if you are not able to target your proposed customers without their permission, what are you able to do under the GDPR regulations? Well, it is simple, just be there to be found.
Search Engine Optimisation (SEO) and Social Media Marketing will be the two front runners moving forward, and for this, it is all about the content.
HC Media Group are specialist in SEO and Content Marketing, please feel free to email team@hcmediagroup.co.uk for a completely free audit to see if you are GDPR compliant and how to increase your SEO and Content Marketing Value.