Since the new GDPR legislation took effect on May 25, all individual data is much more protected than before. Companies from now on will need your permission to collect, store, process and transfer your data.
This regulation only applies to the data protection of European individuals, but that doesn’t mean that companies operating from outside the EU are exempt; this applies to any entity collecting the data of those individuals, regardless of their own location.
You probably noticed the influx of emails notifying you of updated privacy policies in the past few weeks. Most companies that you’ve ever interacted with in the past years now wants—and, legally, needs—your permission to keep you in their databases. Without this permission, they should remove your data from their systems (unless they have another valid reason to keep your data, e.g., an existing contractual relationship).
The most important change is the transparency and clarity of your communications. This law was written to protect consumers, not to punish companies. Everyone in your databases should know what data you’re keeping about them, why you’re keeping it and what you’re doing with it. In fact, every European has the right to demand a copy of every bit of data you have collected about them.
Companies have to go beyond just their due diligence when it comes to GDPR. Any infractions carry hefty penalties up to €20 million or 4% of the company’s worldwide revenue, whichever is greater. These fines may seem outlandish, but that’s exactly the point: to grab the attention of executives and reinforce the point that consumer data protection is an issue that requires their attention.
GDPR has a good influence!
As a digital company, we’re convinced that GDPR is a good thing. Data is becoming more and more important in every facet of business, touching every department and worker. These new protection principles and regulations will change how we operate and communicate with individuals, but we should embrace that rather than fearing it! This opportunity means we need to shift our marketing to be truly personalized and relevant to each target. The content should be so compelling that your recipients will want to engage more with your brand and give you their consent to do so.
Since you’ll also need to further refine your segments due to GDPR’s complex opt-in requirements, this should also give you the opportunity to gain valuable insight into your database’s interests and actions. Take this chance to fine-tune your lead scoring models and reevaluate how you and your sales departments approach leads and opportunities. Offer more options and targeted advertising that correlate to their implicit actions and watch your conversions respond accordingly.
When you remain transparent and communicative about what information you keep and why, you win the trust of your customers. Show them that you respect their privacy and that you will protect it.
We want to ensure that all our customers (and their customers) are well-informed about and ready for GDPR. We want to show that we are there for them and already working with them in a transparent and respectful way.
Don’t misunderstand GDPR to mean you should stop communicating with your customers. Quite the contrary, you should communicate more openly and respectfully with them while ensuring that you’re able to safeguard all of their personally identifiable information at every level. While adapting to GDPR will certainly lead to some bumps along the way, it can only lead to higher quality and interested databases, more compelling communications, better marketing practices, and—most importantly—customers who trust you.