The GDPR (General Data Protection Regulation) comes into force on 25 May
With wide-ranging implications for all organisations, both in terms of initial compliance and increased workload now and in the future to ensure compliance, it’s important that you know you have a safe pair of hands to turn to when you need help.
Numerous tales of woe and scaremongering abound in the marketing press, but the GDPR will improve the way you build up databases and how and why you collect data, and you'll only market to people who actually want to hear from you – all of which will make your digital marketing more effective.
We’ve been working on our own compliance and how we can help our customers for some time now, and our expert team has undergone certified GDPR and data privacy training.
We’re here to help, and we’d like to discuss the implications and potential benefits of GDPR with you – which includes the following aspects of GDPR compliance:
Customer Comms Preference Centre
You may be marketing and communicating to customers through various means – post, email, telephone, SMS. Under the GDPR, you must allow customers to easily update the channels through which they want to hear from you. A Preference Centre on your website, which is synchronised with your CRM system and email marketing tool, is the ideal option.
Subject Access Requests
A customer may request to see the information you hold on them at any point in time. You need to comply with their request within 1 month. This means you need to know where all the customer’s data is, be able to get hold of it quickly and easily, and deliver it in a customer-friendly format. If your customer data is split across various systems, this can prove problematic. We can help integrate your systems to ensure your customer data is in one place.
Right to be Forgotten Requests
A customer might ask that you remove all personal data that you hold on them. Again, disparate systems can make this task a real chore. Furthermore, we know you might need to retain some data, especially if it relates to a transaction, so that your business can report on it accurately in the future. In this case, simply anonymising all personal identifier information, so that the customer’s information has been ‘deleted’, could be the answer. We can make sure you comply with the right to be forgotten in the correct way for you.
As with many elements of the GDPR, good data discipline is key to compliance. This can mean ensuring systems containing customer data talk to each other in the right way. It can mean ensuring that your team have the right knowledge of data privacy laws to ensure they are always doing the right thing. It can mean having the right documentation and proof of the steps you have taken, or intend to take, to comply. It can also mean conducting privacy impact assessments (PIA) before undergoing any large-scale digital transformation work that touches customer data. Whatever your need, we have the technological and data discipline nous to help.
Customers must be given the option to opt out of automatic profiling. This has implications for those brands using personalisation on their website based on customer history or browsing habits. It may be that you require a pop-up on your website that explains to a visitor that not only are you using cookies, but that you tailor their experience on your website based on what they view or what they click or what they buy. It may be that you choose to record customer consent for this. Whatever your need, with our knowledge of personalisation and profiling, we can assist.
Obtaining Consent for Marketing