RSS feed Get our RSS feed

News by Topic

BizReport : Advertising archives : October 26, 2017

Expert: How marketers can get up to date with GDPR

According to some experts, about half of European brands won't be GDPR compliant in time to meet the upcoming deadline. And, with more and more brands depending on email to connect with consumers, this lag in compliance can cause bigger problems.

by Kristina Knight

Kristina: Some research indicates fewer than half of European brands will not be GDPR compliant by the deadline - what is causing this lag?

EJ McGowan, General Manager, Campaigner: The process to become GDPR compliant is rigorous and requires serious changes to every marketing campaign. For email marketers, the new regulation requires businesses to carry the burden of proof that subscribers opted in to receive email marketing communications -- even from subscribers who are currently on email marketing lists. Many companies add emails to subscriber lists when someone wishes to download a report or even apply for a job. By requiring businesses to show proof that subscribers agree and wish to receive emails, marketers' lists will be drastically reduced. This leaves companies with the decision to either spend time and resources in becoming compliant or continue with their current marketing practices and risk financial penalties as a result. Given the competitive marketing landscape, many businesses may choose to use their resources to increase sales rather than become compliant.

Kristina: Do you believe business owners and marketers simply don't understand what the GDPR is?

EJ: To an extent, yes. The regulation is lengthy and complicated, and most marketers do not have the time or desire to read 88 pages of technical language. The thing that is important to understand is that GDPR affects more than just an email marketing program. It will change the way businesses conduct internal responsibilities as well, like HR paperwork. In fact, large companies will be required to to hire a data officer to ensure consumer and employee data is kept secure.
Marketers and business owners should err on the side of caution and, if they are unsure whether a requirement is geared toward their program, should implement it. The GDPR will help businesses build trust and engagement with their subscribers so, in this case, being overly cautious can in fact help your program.

Kristina: What do marketers and businesses need to better understand about the deadline?

EJ: Email marketers specifically need to better understand what data is considered personal data. The GDPR fundamentally protects EU residents' identities and requires businesses to securely handle this data. Anything that can directly or indirectly identify a person is considered personal data -- including name and geolocation.
Sure enough, email can be used to personally identify someone. All this information is now expected to be handled securely and must follow new guidelines to prevent data breaches. For small businesses with limited resources, using an email marketing platform will ensure your business remains compliant.

Kristina: For brands who aren't compliant after the GDPR deadline, what could happen?

EJ: The regulation lists a few different consequences for those who are not GDPR compliant, the most serious being a fine of 4% of annual global turnover or €20 Million (whichever is greater). While most will not reach this fine, the EU has developed a tiered approach to fines. With the expected number of companies being fully compliant in time for this regulation being low, it is likely the EU will develop a notification system before imposing immediate fines. In the long run, spending a little bit of time now to ensure compliance will save business owners time and money compared to dealing with EU regulators who have discovered their non-compliance.

Kristina: What are your best practices for businesses to become GDPR compliant?

EJ: The best practices businesses should take to become GDPR compliant are, first, taking the time to get familiarized with the GDPR legal framework. Next, businesses should ensure a clear plan for communication within the business and with consumers. This entails reviewing current privacy notices and checking procedures to make sure they cover all the rights individuals have. Businesses can then review how they seek, record and manage consent and update any existing policies to reflect a watertight opt-in policy. Be sure to check in regularly to make sure that as your company and subscriber base grows, your business will remain compliant.

Tags: advertising, Campaigner, emial marketing, GDPR compliance

Subscribe to BizReport



Copyright © 1999- BizReport. All rights reserved.
Republication or redistribution of BizReport content is expressly prohibited without the prior written consent.
BizReport shall not be liable for any errors in the content, or for any actions taken in reliance thereon.