Getting consent: Who does the GDPR affect?

By now the majority of marketers have heard about the EU GDPR and what it means in terms of data privacy changes. Luckily for our CommuniGator crew, we had Duncan Smith from iCompli come and speak to us about data-driven marketing and the law. In particular, the fine balance between the right to privacy versus the right to ‘sell stuff’ and who is affected when it comes to gaining consent from our contacts.

Let’s set the scene…

So, for a while now, businesses haven’t been paying much attention to the balance between the right to privacy and the right to market to individuals. In fact, we’ve pretty much not been paying attention to it at all. So, the EU General Data Protection Regulation is on a mission to make sure we realise there is a new order.

This digital exhaust we are currently producing, much like a car exhaust, is suffocating us. We’re choking to death on it. There is so much personal data available to us, and it’s the heart of our data-driven marketing approach. But the GDPR tells us we have to earn the right to use that data.

This doesn’t just apply to the B2C world either. While it may have been their actions that set this course in motion, B2B audiences are going to have to comply with the new legislation too. Why? Because B2B are marketing to individuals too, so we have to go by the same rules.

And now, consent is in the consumer’s hands.

So who is affected?

Well, if:

• Your organisation is based in the EU
• Your ESP is based in the EU
• Your orgnaisation processes EU resident’s personal data

Then the EU GDPR applies to your business.

What constitutes personal data?

In short, personal data is summed up as; “A living individual who can be identified, directly or indirectly … by reference to their name, an identification number or to one or more factors specific to their physical, physiological, mental, economic, cultural, social identity, location data, or an online identifier.” The GDPR makes clear that the concept of personal data includes online identifiers and location data. That means that IP addresses, mobile device IDs and the like that can personally identify you must be protected accordingly.

Take a look at the full legal text and their definitions on the final EU GDPR text.

Consent says it all

If we want to collect individual customer data and use that information to create insights into the individuals we are marketing to, we now need to be completely transparent with what we are doing with that data. Of course, we’re marketing to people will perfectly valid reasons, but the problem is we’ve abused that power in the past. Now it’s time to prove our worth.

So how can we get that vital consent from our contacts in order to drive our marketing and close more sales by getting people to opt-in to our communications? By building trust.

Take Amazon, for example. They’ve used your data to establish what content to show you on their homepage. The content you see is based on your browsing history, past purchases etc. But are you offended by it? Do you worry about what Amazon are doing with your personal profile data? No, because they’re making your user experience better.

Building trust is the key element to getting consent. It’s like passing go, collecting £200 and staying in compliance with the GDPR all rolled into one. For B2B, your segmentation will be the most powerful tool in your arsenal when it comes to building trust.

The challenge with consent

But as we’re all too aware, trust takes time to build and consent is hard to get. Let’s face it, most of us look for the opt-out box not the opt-in. So we, as marketers, have to work hard to sell consent. A difficult feat to overcome given the transparency the GDPR is forcing us to become transparent with everything we are doing with individual’s data.

What we must do is make it clear to our contacts what the benefit of them signing up to our marketing is. How are we going to reward them? What is going to interest them? This will be influenced by a good design and layout. One that makes it clear that their consent will make their customer journey easier, more personalised, and essentially better.

Marketers have already made the mistake of using and abusing people’s marketing data. Let’s not make the same mistake with their consent.

For more information on the EU GDPR, so you can get to grips with how your marketing is about to change – download our whitepaper which can talk you through all the essentials of the GDPR from an email marketing perspective.

Better yet, why not ensure your database is up to scratch with this GDPR compliance checklist!