I’m sure by now you’ve heard a lot about GDPR, but in case you haven’t, GDPR stands for General Data Protection Regulation – it replaces the current Data Protection Act and will create a consistent set of rules across all countries in the EU.
GDPR goes into effect on May 24, 2018, and every company that does business in the EU will have to comply to the new regulations. There are considerable fines for breaking the rules: 4% of global annual turnover or €20 million, whichever is higher – so the stakes have never been higher!
Here’s a breakdown of the regulations that all marketers need to be aware of:
- Consent, consent, consent – Under GDPR, all companies will be required to obtain explicit consent for the collection and use of personal data. This includes storing personal data such as email address, first name, last name in your databases, tracking web activity using cookies, as well as emailing individuals who do not wish to be contacted. You must acquire consent for each!
- Request to be deleted – individuals can request to be removed from your databases at any time. Companies must have processes in place to comply with these requests promptly.
- Data accuracy – data must be kept up to date and accurate.
- B2B vs B2C – There’s no distinction between B2B or B2C data such as email addresses – new regulations apply to all.
There is substantial work to be done for many marketers to comply with the new GDPR regulations. Demand Spring is here to help, contact us.
Below are general tips to help get you started, however, you should consult with your legal counsel for guidance on GDPR.
- Audit your database – identify where your leads are located and capture explicit consent prior to May 24 deadline. For leads with no country, you’ll want to enlist 3rd party solutions to enrich your data.
- Explicit Opt-in – begin capturing explicit opt-in for all EU leads in your database, new and existing.
- Cookie consent – begin capturing cookie tracking consent.
To read the full text of the GDPR regulations, click here.