Marketing under GDPR

From 25th May 2018 new rules will be in place under the General Data Protection Regulation (GDPR) which expand on the current data protection laws we have today. Most processing of personal data by organisations will have to comply with GDPR by this date. The purpose of these new rules is to ensure that companies and organisations are open and transparent about the data they hold and what that data is used for. The regulations are also designed to encourage good governance over the use and security of data.

In the UK, the Information Commissioner’s Office is responsible for overseeing this governance and they provide advice and tools to help organisations be compliant with this new regulation. Below is a summary of the 12 steps to take towards GDPR compliance, and more information can be found on the ICO website at ico.org.uk.

Source the ICO (ico.org.uk)

What does this mean for Digital Marketing?

All this is about acting responsibly with customer data and being able to prove that you are doing so. In terms of marketing, you will need to make sure any customer that you wish to market to has given express permission for you to use their information in this way, and also hold evidence that you have their consent. Consent by way of burying some text in the T&Cs and saying “by using this service you agree to…” (as has been common practice), or asking someone to untick a box to opt-out of marketing for example, will no longer be allowable under GDPR. You must be upfront with what you intend to do with customer details at the time they are providing them, and consent has to be provided by an opt-in method, not an opt-out. It is also important that you have a privacy policy in place that you can refer to when needed and is available for clients and others to reference at anytime.

You may have a contact list full of customer details to which you previously sent out updates or alerted customers about new products or special offers. This list may become useless if you did not previously ask for consent via opt-in as you will no longer be able to send such updates to that list once the GDPR comes in. In order to continue to use customer details to send updates it is important that your customers are asked if they are content for this to happen, and keep evidence of them providing permission.

Another part of Data Responsibility is the security of that data. Where is it stored? Who has access to it? How is data moved from one place to another? Around 70% of web traffic is now encrypted but there still remain websites that do not use https when handling sensitive data, allowing that information to be sent across the Internet in plain text where it can be viewed if intercepted.

There are many factors to consider when looking to be compliant with Data Protection and this will vary a lot from business to business.

What can teclan do for you?

We are offering various services with our Digital Marketing Packages to assist businesses and organisations in being GDPR compliant. Services include website GDPR compliance audits, email contact list re-validation and various security tools to keep data safe. If you are unsure and would like to discuss your marketing needs with us, call 01463 898043 or email [email]info@teclan.com[/email]

we accept Amex, Visa, Mastercard, Visa Debit
total processing logo