GDPR will hit (not only) marketers in full force in May. In less than 6 months, your campaigns and strategies should be fully prepared for the regulations that will come with this legislation.
Not only because of its huge fines but also because of the changes marketers and business have to undergo in the case of data processing.
However we like it or not, the public sometimes questions how moral are the approaches of marketers towards data and targeting. While marketers can positively perceive the amount of information they can collect and use, consumers are rather skeptical about this.
And this is when GDPR comes as the referee saying: ”From now on, you will understand the value of data and protect it better than ever before. If you like it or not. And if you don't, then you will be fined.”
Even though new regulations will probably hit all channels of digital marketing, we decided to focus on one specific channel - email marketing. This channel is perceived by majority of companies as very effective and now they are worried what will happen to it in May.
Should they be worried?
A key part of GDPR says that people should able to decide what data they want to share with brands. They can also decide for how long and for what reasons will the company keep data.
This might sound like a complete disaster for marketers, but on the other hand, this makes brands and businesses look more trustworthy. If a person decides to leave your company his/her data than he/she really has confidence in your business.
But how does this impact email marketing? The bigger picture is that marketers will be working with more relevant and fresher email databases than ever before. We all had problems with loads of old or unused emails that lowered the ROI of the email database. With GDPR, this problem should be solved.
Now, let's be more concrete.
These are the obligations you need to take into account while preparing your email marketing campaigns:
When you ask a potential customer for the consent of data use, you need to be clear about what exactly they're giving up. Also, the consent needs to clearly stand alone from terms and conditions which can make it hard to understand. What's more, unless a service requires it, consent will not be accepted if it's a result of a customer signing up for it.
Yes, you heard it. A fully acceptable consent of data use relies on the opt-in boxes being used. If you're using pre-ticked boxes, the consent will not be sufficient.
If you need to use customer's data on different degrees, you need to get several separate consents for each of the degrees. Also, the data subject has to be made aware of all of the levels of data use. As a result, customers will have maximal control over the data they are submitting.
With GDPR, marketers will always have to tell customers the name of the organization/company that will handle their data. The same rule applies to any third parties.
You will need to keep records of all of the instances of consent given. Records will contain details of the consent.
Your task should be to make it easy for the data subjects to take their consent back. And what's more, this process should be extremely easy and fast. As a marketer, you need to apply the option to withdraw to all your email campaigns.
If a customer gives you his/her consent, you will need to regularly remind them what they have given consent to, and ask them to renew or even reconsider the consent. The purpose of this regulation is to make customers feel free and in control of their personal data.
What if you won't play according to the rules?
If you tend to break the law, which we hope you don't, GDPR fines will surely make you think twice.
If a data breach is discovered, and you fail to comply, there's a heavy penalty waiting for the company you work for. It's either 4% of turnover or a fine of €20 million.
Those are some scary sanctions.
To avoid this horror story, make sure that your staff is trained and that you seek professional guidance when applying GDPR in your company. And if you're a marketer, we advise you to take your time to really understand how will GDPR affect the data you work with and how you handle it.