Email marketing is about to change in a big way – Introducing GDPR

16
Nov

Email marketing is about to change in a big way from May 2018, thanks General Data Protection Regulation (GDPR)

The GDPR was approved in May 2016 and is set to have a huge impact on the way B2B marketing is conducted. The fine details will be worked out in case law after May 2018, but here’s what we do know, and how it will impact your business.

It will affect your business if it:

  • Possesses or processes data pertaining to an identifiable person
  • Contacts those individuals via email, phone, SMS or post
  • Tracks engagement via e-shots, cookies, or landing pages for the purpose of profiling an individual

If any of the above apply to you, then you need to start thinking seriously about how GDPR will impact on your business, and start taking immediate steps towards compliance.

GDPR is designed to enable individuals to better control their personal data. It is hoped that these modernised and unified rules will allow businesses to make the most of the opportunities of the Digital Single Market by reducing regulation and benefiting from reinforced consumer trust.

The GDPR makes no distinction between B2C personal data and B2B personal data. It’s all personal and subject to the same rules. B2B businesses will need to update their processes to ensure the same levels of protection are given to anyone they wish to contact

Opt-in replaces opt-out
The opt-out is a familiar part of marketing communication these days: “If you don’t want to hear from us again, tick this box or click this link”. Under the new EU laws, the opt-out will be no more. Instead, opt-in consent will be required for all marketing communications. Consent cannot be implied by inaction, it must be the result of a positive action by individuals. Soft opt-in may apply in some circumstances, but it’s better to be safe than sorry.

So What?
If you’re using an email marketing package like MailChimp, iContact or many others to send out mailshots, that means that each and every one of your contacts needs to have opted in.
If you’re offered a to buy mailing list, think again!

When’s this going to happen?
The GDPR was published on 25th May 2016. It gives organisations 2 years to become compliant, so the deadline is 25th May 2018.

What if you don’t comply?
You could be investigated by the Information Commissioner’s Office (ICO), and if you are found to be in serious breach of the new law you could be fined up to €20 million or 4% of your organisation’s global turnover.

It’s a fact the ICO is increasing its staff numbers in preparation for the GDPR, so don’t assume they lack the resources. They stand to profit hugely from this.

For more information, visit: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/

  • As I understand the EU-U.S. Privacy Shield is not compliant with the GDPR.

    The EU-U.S. Privacy Shield just means that the actual transfer of personal data from, example, Sweden to the United States or other non-EU countries will be compliant.

    The storage of personal data will NOT be compliant with GDPR without extensive paper work and lawyers.

    Whats your opinion? 🙂

Archive