Trick or treat?! 6 haunting facts about the GDPR
As the dark mist of Halloween descends this evening, the monsters of the night don’t just appear in the form of witches and zombies. For those concerned with B2B marketing, the horror of the General Data Protection Legislation (GDPR) may be giving you a scare this Halloween.
As of May 2018, the way you conduct your business and handle data will change. Failure to become compliant will mean that you will have no data to market come 2018. That’s right, it’s a living B2B nightmare come to life.
To find out everything you need to know about the legislation, check out our resources. In the meantime, here are 6 haunting reasons to be GDPR compliant by 2018:
Failing to comply might see you charged €20 million, or 4% of your annual turnover. Like black cats crossing your path, this is probably something that is best to avoid. After all, a fine this large could destroy an SME business.
No hiding in the shadows
Being accountable is a strong theme of the GDPR. Instead of just seeing this as another compliance issue, it’s about time that – as an industry – we see it as a critical business risk that everyone in the company takes responsibility for. It’s not just about being seen to do the right thing. We need to be accountable for all our marketing actions, so we can demonstrate to our regulators, data subjects, shareholders and, occasionally, the media, that we are setting the industry standard.
Petrifying personal data protection
Are you getting spooked out about what constitutes ‘personal data’? Because the GDPR applies to all who use EU personal citizen’s data. Perhaps it is the unknown that scares us here. We know how Directive 95/46/EC defined personal data, but the grey area seems to be in location data and cookies.
Make sure you know the GDPR’s updated definition of personal data. To sum it up right now: “A living individual who can be identified, directly or indirectly … by reference to their name, an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural, social identity, location data, or an online identifier.”
The GDPR makes clear that the concept of personal data includes online identifiers and location data. That means that IP addresses, mobile device IDs and the like that can personally identify you must be protected accordingly.
The Bloody Brexit Myth
Don’t be fooled by the recent changes earlier this year to the European Union. Make sure you understand that the Brexit doesn’t affect your adherence to the EU GDPR.
Don’t get caught out in the dark
The Direct Marketing Association conducted some research that revealed a terrifying third of businesses felt unprepared for the new rules. Our compliance checklist will help you become aware of everything you need for the change.
Communicating to customers could be stopped without opt-in permission
This may send shivers down your spine but rest assured, this is very unlikely.
In fact, the Direct Marketing Association are saying: If you collected your customer’s consent then you can market to them in whatever way they agreed to. If you do not have evidence of customers opting-in to email or SMS, you can still communicate with them using traditional opt out channels, mail, and telephone – as long as you screen against TPS and provide an opt-out mechanism with each subsequent communication.
But we would say it is a good idea to get them opted-in too!
Despite these fearsome facts, is the GDPR really a sweet treat? Does it allow a better framework to safeguard brand reputations? Does it help build meaningful relationships with customers in an environment of transparency and trust? We already know that opt-in email audiences perform higher than opt-out audiences. So perhaps the new regulations are a blessing in disguise.
You may think that the GDPR is just another monster under the bed, but with these enlightening facts, you decide this Halloween… trick or treat?!