As the implementation of the GDPR looms ever closer, many brands, and rightly so, are beginning to fret about the stricter legal regulations that will come into force. But for proactive brand marketers, it’s a real opportunity to improve data quality, transparency and relationships with customers.
On May 25th 2018, the GDPR comes into full effect, leaving digital marketers a rather short amount of time to get their house in order and make any required changes to the way in which they operate, process data and manage risk.
The existing directive, written in 1995, when digital ads were exciting new tech and direct mail was still in its pomp is no longer fit for purpose in the cloud era. The new legislation will modernize the law, to tackle the rise of social networks and cloud-based tech, as well as harmonizing it with all 28 EU member states. And this applies to any brand that markets to EU member states, whether they’re domiciled there or not.
Meaning the storage, use, and disclosure of personal data is enshrined in cross country law. No more self regulation or education, simply watertight legislation.
What does this all mean for brand marketers?
Data acquisition is always high up the list of KPI’s for digital marketers. Helping boost sales, optimize current and future campaigns, and better understand customers. And the GDPR doesn’t seek to tie this up bureaucracy, merely just regulate it properly.
It will hand greater control of personal data back into the hands of the customer. Allowing them a number of enhanced rights including access to their personal data, the ability to withdraw it and the right to be forgotten.
It also strengthens the requirements around gathering data with greater emphasis on when you can collect and process personal data, how you secure it, and that you’re getting all the t’s & c’s checked to gather it in the first place. That means making sure your prospects opt in to campaigns, and there’s no surreptitious tactics to hoodwink them into doing so. It also means being specific when describing what the data will be used for.
The penalties for non-compliance
The era of a slap on the wrist and re-education over your brand’s responsibilities is over. Non-compliance penalties are hefty, and then some. With fines of up to €20m or 4% of brand’s global annual turnover – whichever is larger. Nobody wants to be footing that bill.
The Key Changes You Need To Know About:
- The GPDR will be applied across all 28 member states including UK
- It uses an enforcement regime, as opposed to self-regulation and education
- Large fines for non-compliance, up to €20 million or 4% annual income (whichever is larger)
- Stricter rules around gaining consent for data collection, data usage and marketing
- Individual right to access personal data, correct it and withdraw it
- Individual right to claim compensation
- Compensation claims will be made easier and simpler for consumers
- Whether domiciled in the EU or not, if a brand markets or sells to any EU member state they are bound by the new law.