A BIG change is coming– the General Data Protection Regulation (GDPR). It’s been a long time coming, but at BURN we believe it’s a good thing for marketing and marketers.
GDPR gives customers more power and control over the data companies have and hold about them and how they can use it. That being said, it’s not going to be plain sailing.
It’s been likened to the Y2K bug in terms of scope. PwC are quoted as saying: “This will impact every entity that holds or uses European personal data both inside and outside of Europe.” Yet the vast majority of organisations are under-prepared.
Preparing for GDPR, companies must consider how they:
- Handle and process customer data (PS, B2C and B2B)
- Gain and store explicit consent from customers – this means how the customer can be communicated with, by which channels, and the relevant content
- Store and use personal data, this includes appropriate or relevant times to use said data
- Handle data requests from customers
- Report data breaches (how and when to use the data is important here)
Clarification of things like “explicit consent” and the “meaning” of processing are being hammered out. A recent DMA document covers these areas in some detail.
The full implications of the regulation are a little opaque; however, it will have a transformational effect on sales and marketing, and their associated agencies and suppliers.
All companies must be GDPR compliant by 25 May 2018 – under a year away at time of writing. Successful companies have a strategy to maximise the opportunities of GDPR and are currently ensuring compliance and collecting maximum opt-ins.
Finally, they are busily updating privacy policies and building preference centres.
Many companies are totally unprepared, and the penalties are huge. A single breach of GDPR could result in a fine of 4% of turnover or £20m.
All clear? Contact us for more help about how your business can stand to gain from GDPR.