The Guide is an online resource set up to clarify some of the detail around the new General Data Protection Regulation (GDPR) coming into force in May 2018.
What is the GDPR?
One of the difficulties for firms who want to work out how to respond to the regulation is a lack of clear detail.
In this blog in August, we looked at the new regulation and how it might affect B2B marketers.
What we know so far
The regulation will affect any firm that:
- Possesses or processes data pertaining to an identifiable person
- Contacts those individuals via email, phone, SMS or mail
- Tracks their engagement via e-shots, cookies, or landing pages for the purpose of profiling an individual
Essentially, it is all about privacy.
The GDPR will remove the distinction between business and personal data. Currently, B2C data is treated more strictly than B2B data. There are rules about how you can market to individuals via their personal email address or phone number. When it comes to business contact details, the rules are currently less stringent.
The new regulation will change that, defining personal data as including:
- Full name
- Job title
- Work email address
- Direct telephone number
- Any data relating to an individual’s actions or behaviours – e.g. areas of interest
- Computer IP address
Opt-in replaces opt-out
In many ways, the change from opt-out to opt-in permissions represents the biggest change. This will be the thing that requires most work from B2B marketers.
Proactive opt-in consent will replace individuals’ right to opt out of marketing communications. The law of inertia suggests that it will be far harder to get people to proactively sign up to marketing communications than it is to stop them opting out.
This poses two main challenges:
- You will lose some of your audience. Any content you produce needs to work harder to engage with a smaller group
- You need a robust way of storing contact data and confirmed opt-in information. You must be able to show that your contacts gave unambiguous, informed, contextual consent.
And while previous legislation has applied to data held just in EU countries, the new law applies to any EU citizen, no matter where in the world the data is held.
The next scandal?
Comparing the GDPR to PPI may sound dramatic – but it’s something that all B2B marketers should be alive to. Misconduct is estimated to have cost the banking sector £15bn in fines in the last 15 years – the bulk of this money going on PPI redress.
Financial services firms will want to ensure that they do not risk a similar fate from the GDPR.
Our blog on the regulations has more detail on the actions marketing teams should be taking now to prepare for the new legislation.
As the nitty-gritty of the new legislation becomes clearer, B2B marketers will need to act quickly to ensure their processes are up to speed before the May 2018 deadline.
And of course, firms can’t forget all the other, current regulations they need to comply with. The need to meet Financial Conduct Authority requirements, as well as staying on the right side of the Advertising Standards Authority.
Preparation for the GDPR needs to start sooner rather than later. Watch this space for more detail as the requirements of the new regulation are firmed up.
In the meantime, make sure your marketing is compliant with all the current regulations by reading our Marketing Guide to Compliance. This comprehensive guide has everything marketers need to know about financial promotions. You can download a free copy here.
Our Financial Promotions Checklist will give you a good grounding, so you can be sure your promotions are ticking the box, whether delivered by innovative or more traditional means. The checklist is free, and you can download a copy here.
Nothing in this document should be treated as an authoritative statement of the law. Action should not be taken as a result of this document alone. We make no warranty and accept no responsibility for consequences arising from relying on this document.