Despite the fact that the General Data Protection Regulation (GDPR) was made into law almost a year ago, many marketing professionals are still unsure of how to stay compliant. As a marketing professional, you’re likely to be one of the most affected in regard to the use of consumers’ personal data so if you still don’t fully understand exactly how GDPR affect marketing, here’s some insight.
It’s helpful to have a little background to understand the bigger picture of what the GDPR is all about. The GDPR aims to improve customers’ trust by giving them more say over what companies can do with their data. Some of the GDPR’s main principles include staying transparent about what you’re doing with data and staying accountable when things go wrong.
How does GDPR affect marketing?
Under the GDPR you need to obtain specific opt-in consent from your customer to use their data for marketing mailing lists.The customer’s choice needs to be deliberate—in practical terms, this means they have to check the opt-in tick-box themselves (it can’t be pre-ticked). Essentially, you’re only allowed to send marketing messages to someone who has clearly demonstrated that they want to hear from you.
What counts as a “marketing message”?
The consent requirements only apply to “marketing messages”, so it’s important to understand what counts as a marketing message and what doesn’t. Routine updates about a customer’s order or about changes to your services that affect the customer don’t count as “marketing”. So, for example, you don’t need explicit consent to send an order receipt or a shipping confirmation, but you do need explicit consent to send non-essential updates about your company, like your new Instagram handle or photos of your new office decor.
What about purchased mailing lists?
Lots of marketers purchase contact lists to expand the reach of their marketing emails. The good news is, this is still permissible under the GDPR. The companies collecting the contacts are responsible for obtaining the appropriate consent and clearly informing consumers that their data will be passed to companies like you. The bad news is, you need to do some extra homework about where your lists are coming from, and make sure consumers won’t be surprised that they’re being contacted by you.
Need an incentive?
Even if you’re clear on the specific steps you need to take to make your marketing efforts compliant, it may seem easier to just keep things as-is and fly under the radar. We’re here to tell you: don’t do it! Businesses that are in breach of GDPR can be fined up to 20 million euros or 4% of their global annual turnover (whichever is higher). Although fines of this scale have only been issued in cases of serious offenses, it’s better to be safe than sorry.
But, GDPR can lower your marketing costs and make your efforts more efficient, as you’re only advertising to people who want to hear from you. Customers will be more loyal to you because they trust you.
Now that you understand the basics of GDPR and how they apply to marketing, what you should you do?
- Clean your mailing list
Remove any duplicate data and anyone you don’t have an explicit opt-in from.
- Train your sales and marketing teams
Make sure your teams understand when you need explicit consent (and when you don’t), and the procedures for contacting customers in a compliant way.
- Get further advice
If you still have questions about whether your marketing practices are compliant, contact our team at Linkilaw! We offer a free 30-minute legal advice session.