So this weekend (rock n roll I know!), I listened to a webcast on GDPR from a marketing viewpoint. Some of it was very interesting, so I am sharing the highlights with you.
In the meantime, if you are concerned about your database, what is on there, what you should do, options and so on, Pinpoint Marketing is offering consultancy at £50 per hour.
Note that any information I share is not to be taken as legal advice.
- 156 million emails were sent every single minute in 2017!
- Don’t panic. Asking contacts to sign up and give consent is something we should of all been doing anyway, so hopefully it won’t mean a huge loss of data for you.
- In the future, the eprivacy directive may also be changing in 2018/2019
- GDPR has broadened the definition of what is personal data
- GDPR covers
- lawful processing
- purpose limitation
- data minimisation
- data retention
- the data controller is the company or organisation eg you and the data processor is a VA or a marketing agency or the software eg Mail Chimp
- data processors should appoint a DPO
- record keeping of data needs to be looked at and any data breaches need to be reported within 72 hours
- “soft opt-in exception” – this is where the recipient is an existing contact, that you got their email in the context of a sale, that an opt-out was offered and that the marketing you sent them was related. Must do all 4
- consent must be distinguishable, easy to withdraw and auditable
- consent isn’t silence, inactivity or pre-ticked boxes
- don’t make consent to receiving marketing from your business as a condition of the sale eg not ask for emails in exchange for white papers
- Do you need to ask contacts to re opt-in or re consent? This depends
- refer to the soft opt-in rules. eg if they opted in then you still need to because what you originally did may not be up to the new “GDPR standard”
- opt-out basis sign-ups will need to be reviewed. seek advice.
Listen to the webcast here.