5 ways GDPR will affect marketing executives
The EU General Data Protection Regulation (GDPR) will be coming into effect on May 25, 2018. This means that the way in which companies process data, especially in relation to their customers, will change forever.
Different departments will have to adjust in unique ways and for some, it may not affect their work at all. If you’re a marketing executive, however, then you’re definitely going to have to make some changes and unfortunately, you only have a limited time to do so.
Worryingly it appears that not many marketers have heard about this. According to HubSpot, only 36% of marketers have heard of GDPR which isn’t good considering the looming deadline. You now might be asking yourself “but what exactly is GDPR and how will it affect my role?”.
GDPR is a revised version of the data protection laws which are currently in place within the EU. It was designed to harmonise data privacy laws across the EU and to reshape the way organisations in Europe approach data protection and privacy. But how will that affect you as a marketer?
Here at Glandore, we have put together a list of ways in which corporate marketing will change in the coming months to help clear up any confusion on the topic.
1. Data Permission (Marketing emails)
One of the biggest changes that marketing departments will have to make is the way in which they send out marketing emails.
With GDPR, you can no longer assume that customers will want to opt-in for promotional material. They must express explicit consent that they are interested and wish to receive this material.
If your organisation prompts new customers to fill in an online form, you must give them the option to manually opt-in to receive promotional material and company newsletters. All information entered into these forms must not be stored for marketing purposes unless the customer or client expresses their consent to do so.
If you are collecting information in order to build a connection for a potential lead or future client, marketing departments will need to remember, under GDPR, to only collect information that is relevant and concise for what is intended.
For example, if you host a landing page for potential customers or leads which requires visitors to fill in an online form, you must ensure that the questions asked comply with the GDPR.
You can ask for their name, email address and details on the project which require your company’s expertise, but you cannot store any information regarding their personal interests or lives (e.g family information, health, etc). Doing so will be classified as a breach of GDPR and could lead to a fine.
3. Freedom of Access
Customers and clients already have the right to remove out of date information from a company’s records. However, with the introduction of GDPR in the coming months, people will have even more control over the information which they give to organisations.
Marketers are going to have to become more aware of this and put in place certain processes in which customers can avail of. Whether it be an unsubscribe link located within marketing emails or some form of interactive interface, as long as consumers can control this information that will be considered GDPR compliant.
4. Tighter security
Once information has been collected via online means, companies must ensure that all information is stored under the most secure conditions and with the tightest safeguards in place. This is all detailed under the Security provisions of GDPR. It is to ensure that data cannot be breached by a malicious third-party and to help prevent accidental loss of sensitive information.
Depending on the type of information your company collects, different security mechanisms will need to be put in place (e.g encryption of data, etc.) You must also ensure that the only employees who have access to this information are the ones who actually need it.
As already mentioned, your client or customer should know exactly what their information is being used for and under GDPR, they should be able to control how it used.
This is especially true if they decide to unsubscribe from marketing emails or newsletters. They must be made aware that their information has been deleted from your database and that they receive some form of confirmation of this.
If any information needs to be retained under any legislation (e.g financial information needed for auditing purpose), again the customer must be made aware of this and must be told how long their information will be retained for.