With just about 15 days until GDPR comes into force across 28 countries, it is critical that all businesses ensure that their data privacy is a number one priority. This is the one time when size will NOT matter when auditors come knocking on doors to check if businesses are GDPR compliant. It is shocking to see extremely low percentage of companies not yet GDPR ready even as we get so close to the deadline of 25th May when the regulation comes into force. (6% of over 200 respondents in a survey conducted by Smart Insights, April 2018). Also the size of your database does not matter – if you have even one European contact in your data base or have multi data lists, businesses need to be GDPR compliant. The fundamental aim of GDPR is that all organisations within the EU incorporate the mentality that data privacy is of prime importance and is part their DNA and in the fabric of their culture.
While marketers across the board get neck deep ensuring that they comply fully, it is important to understand that GDPR is not here to stop businesses from communicating with their customers, but here to improve data quality with an aim to gain trust and respect from clients. The regulation is here to convey to one and all that all GDPR compliant companies take their data protection very seriously while allowing their customers to be in control with their choice of being communicated to or simply be forgotten. Matt Harris, co-founder and CEO, Sendwithus: “If you weren’t doing double opt-in before, do it now. 2018 will be the year of the unsubscribe. As more and more people realise that they are being bombarded with too much information, GDPR will make raising the alarm and cutting the noise easier for consumers. Unsubscribing will give them the power to truly choose that they want to receive in their inboxes. GDPR is not just a box ticking exercise but really understanding where the data is coming from, what the data entails and if the data is rightly encrypted.
As marketing teams get ready to exhibit the data is lawfully and fairly collected it is fundamental that consent must be given and NOT assumed while clarifying the very purpose for which data is being collected. When we say personal data – Personal Data is name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person. This also includes IP addresses, cookies, mobile IPs and even search engines.
When I say size does not matter – I also mean that it does not matter what the size of your market is. This regulation is not limited to an EU centric market. It has a global impact. GDPR is just as relevant to US, LATAM and APAC as the EMEA markets since the regulation affects everyone that is collecting, processing and storing personal data of European citizens. Also, GDPR is not limited to the marketing function but to all aspects of a business that include having the right IT infrastructure, processes and policies making sure that data is transferred rightly even within the organisation.
You may want to read about GDPR – Is this the end of email