GDPR impact on Sales and Marketing
The General Data Protection Regulation (GDPR) represents one of the biggest changes for Sales and Marketing in the recent years.
Given the potential fines for non-compliance — up to 4% of annual global turnover or €20 Million, whichever is greater — it’s definitely something to get familiar with.
GDPR is an EU regulation that becomes enforceable on 25th May 2018 and it affects all companies that collect or process personal data (such as email or IP address) about citizens of EU countries. In today’s era this means almost all online companies.
The objective of the regulation is to protect an individual’s privacy, eliminate unsolicited offers and give citizens power over the data that companies gather about them.
What does this mean in practice for Sales and Marketing?
Obtaining Email Addresses
The biggest change for marketing is the need to acquire consent from the recipients before you send them an email for marketing purposes.
The consent needs to be explicitly given for the stated purpose (if you are going to use the email for multiple purposes, you need a consent for each).
No more checkboxes that are ticked by default (inaction doesn’t mean consent) and double opt-in is a must which means when a user signs up, they have to confirm the sign up clicking a link in an email you sent them.
Telesales is outside the remit of GDPR.
Selling of Email Addresses
The GDPR prohibits selling or exchange of any personal data belonging to EU citizens. If you rely on buying external lists you might need to review your strategy.
You can still email people once but the first email must be an email which asks for the consent, not a marketing email.
Even if the original reseller got consent for marketing, you will need to obtain their specific consent for your own purposes.
The right of access and erasure
The EU citizens will have the right to obtain confirmation whether their data is being processes by you and you can ask to get access to this data and you have to provide it to them free of charge.
Similarly they can ask for their personal information to be erased.
Having a well organised system that collates all the personal data in one place so you can easily action the above requests is highly recommended. I believe this will further strengthen all-in-one systems that cover all elements of marketing, sales and service and specialist services might be a bit disadvantaged.
Summary:
There are other rules that GDPR introduces which you probably want to familiarise yourself with given the hefty fines. Below are two articles that highlight the other changes and go further into the detail.
Get on top of this regulation, while it might be a bit of a hassle, it can potentially be a fatal weakness your competitors could exploit.
Protect your customers’ privacy and protect yourself.
