By Amber Kemmis
GDPR has been in effect since May 2018, yet many marketers are still adapting their marketing ops and data management to be compliant. According to a 2018 Demand Base study, only thirty-two percent of organizations surveyed report being fully compliant, and many are in the process of still obtaining compliance.
At the same time, consumers are becoming increasingly concerned about personal data, and the ICO (the governing authority for GDPR) is showing GDPR is not to be taken lightly as big name companies like British Airways and Marriott—as well as SaaS companies such as German social media platform Knuddles—have been fined.
Regardless of where your company is headquartered, if you do any kind of business with citizens or organizations residing in the EU, you’re obligated to comply—or you risk facing these penalties.
There are many facets to this regulation, and it can be quite complex, starting with the seven individual rights of GDPR.
Once again—because this is the most important part for businesses that operate in the U.S.—if you do business with any citizen or organization residing in the EU, you are compelled to comply with GDPR.
2. Data Permissions
This is probably the most important right of GDPR that affects marketers.
No longer can you simply send out a 14-page legal document with complicated terminology explaining your privacy policies and consider yourself covered. When you’re attempting to obtain consent to access, use, or share personal data, you will need to use language that is clear and easy to understand in layman’s terms.
How GDPR’s Data Permissions Impact Inbound Marketing
If you’re collecting personal data (let’s say for an email marketing campaign) to support your Saas marketing strategy, you will need to clearly outline why you are collecting this information and what it will be used for. For example, as a marketer, you will most likely be using this information to personalize the experience for the end user.
To be in compliance with GDPR, you will need to be open and transparent about how you will process the end user’s personal data. You will need to clearly say who will have access to this information, the purpose of collecting this information, and how long that information will be stored—along with a clear statement that the client or customer has a right to access, modify, and/or delete said information (see “Right to be Forgotten” below).
In addition, if you have that little checkbox underneath the form to request more information that says “SIGN ME UP!” you won’t be in compliance with GDPR. You will need to be clearer about what they are signing up for and confirm that they do in fact wish to be contacted in the future.
Pro Tip: A simple way to do this is to send an automated email confirming their subscription with a second opt in confirmation obtaining the customer’s consent.
It’s also important to consider how demographic and other data such as gross annual income, family size, or age is managed. Although this is great information for targeting in marketing campaigns, if anonymous data …read more
Read more here:: B2CMarketingInsider