GDPR is good for your business

No, really it is. This article briefly explores the possible impact on your marketing and how you might make the most of it.

There is far too much negativity associated with GDPR. It will certainly help protect personal data rights. It will reward legitimate businesses that genuinely add value by providing relevant products, services and content to their contacts who in turn are more likely to want to stay in touch with them. However, it will penalise organisations for non-compliance and who put profit before privacy – with fines of up to 4% of global turnover. It won’t stop scammers who operate above the law and believe their legitimate interest outweighs everyone else’s.

PLEASE NOTE: This article is for general guidance only. Always refer to your privacy policy and if in any doubt consult a specialist GDPR solicitor.

How will GDPR make an impact on your marketing?

We think GDPR will fuel the continued growth of inbound marketing, the use of social media and a revival in production and delivery of printed materials. Let’s assume that your Twitter followers, Facebook friends and members of your LinkedIn network will look forward to hearing from you. No need to seek their permission, then. People use Google to do their research, make better informed decisions about what and where to buy and what price to pay and so having a well optimised website that provides useful information and tips in an easy-to-consume way, will out-perform all those that don’t.

You can send a postcard, letter or brochure to anyone, as long as you make it easy for them to remove their names from your mailing list. Either by calling a number, completing a web form, or dare I say it, writing you a letter. However, the easiest way would be for them to write ‘Return to Sender’ on the envelope and post it back. Print is a beautifully tactile and creative medium for highly personalised communications but try and keep your mailings under A5 in size to qualify for the lowest postage rates.

What about prospective customers who have never bought from you before?

All people have the right to be informed about how and where you obtain their personal data, what the purpose is for collecting it and the lawful basis upon which you will be processing it i.e. what you intend to do with it and who you are going to share it with.

Some companies are relying on their ‘legitimate interest’ as the lawful basis upon which to process personal data. Whilst it may be OK to override the interests of existing customers because it might be argued that they have bought similar products or services in the past -in our view – it is more challenging to use this for individuals who have never bought before. We predict a few test cases will sort the answer out.

Sending emails to drum up more business

Managing GDPRThink carefully about whether these emails are going to existing customers or new prospects and what the legal basis for sending them is. If you can’t argue it is in your legitimate interest or part of fulfilling the terms of your  contract with them, then you should consider obtaining their consent. If this is the case then people should be invited to opt-in to receive emails from you and you must record when and how they gave permission and what you showed them when they did. It is not OK to assume from silence that they have opted-in and that you should no longer employ ‘pre-tick’ boxes.

If you have sold a product or service to a customer then you must send them a separate, standalone email to ask their permission to opt-in. The notification should not be hidden at the bottom of another business email or made a condition of the original sale. You already know that all your outbound emails should make it very easy for receivers to unsubscribe.

Get an explicit opt-in

Currently the Privacy and Electronic Communications Regulation (PECR) says that if you obtain a person’s email address or phone number when they purchased something or negotiated to buy from you then it is OK to send marketing communications to them about the same kind of thing they are already interested in. But the PECR is being replaced so it makes sense to get an explicit opt-in. This does actually make commercial sense, because when somebody says they are not interested in hearing from you it generally means just that.

Keep a ‘No Contact’ list

It is ironic that if somebody asks you not to contact them, then you should keep their details on a suppression file, so you don’t send them anything in the future by mistake.

No unsolicited phone calls

You should not make unsolicited sales calls to people or companies on the Telephone Preference Service. Check numbers are on the TPS by using www.tpschecker.co.uk. People have taken the time to register, so respect their wishes and save yourself time by not phoning them.

Data security and SSL Certificates on your website

If you are collecting and storing any data from people on your website then it is essential to install an SSL certificate. As of October 2017, Google labels any websites without an SSL certificate as non-secure, subsequently putting off visitors and affecting your rankings at the same time. Take a quick look at one of our other blog posts on SSL certificates.

Need help?

GDPR will have an impact on your marketing activities – from 25 May 2018. With our knowledge and experience of GDPR, we’ll ensure you implement compelling and compliant communications. We’ll also  help you to develop engaging cross-platform digital, social and marketing campaigns.