What does GDPR mean for digital marketing?
As an affiliate, we may earn from qualifying purchases. We get commissions for purchases made through links on this website.
GDPR, the EU’s new privacy regulation, is fast approaching, which means major changes for digital marketing. The GDPR will make it more difficult for companies to process customers’ personal data that has not been consented to be used. Digital marketing may encounter challenges with the GDPR, but one can also benefit from the new regulations.
What is the GDPR?
GDPR stands for General Data Protection Regulation, and is the new privacy regulation prepared by the EU. It enters into force on 25 May 2018 and will apply throughout the EU and the EEA, but also companies outside the EU that process European personal data. All countries must follow the new regulations, and there is no room for making their own changes internally, as was the case previously.
What is personal information?
A personal information is information that can be linked to you as an individual, such as name, address, telephone number, e-mail address, IP address and even your car number.
One thing that challenges privacy to a great extent is that we leave so many digital tracks everywhere we travel on the internet. This information is easy to use, and an important measure with the new regulation is to regulate this better. The regulation shall strengthen the rights of the individual and ensure that there is better transparency and openness about what the information is used for.
What does GDPR mean for digital marketing?
GDPR will not mean much to you if you already have good routines in place when processing and storing personal data. Those who do not have control, on the other hand, are starting to have a bad time.
Inbound vs outbound marketing
If you use inbound marketing, where customers visit your company and ask for more information , you are not as affected as in outbound marketing, where you collect personal information without consent and contact people who neither know your company nor know what you offer.
Inbound marketing attracts customers by selling products and services that the customer needs on the customer’s own terms. In this way, the customer only contacts the company when they have a need, and you then avoid coming into conflict with the regulations by using personal information for which no consent has been given.
In order to collect and store personal information, you have to meet a number of requirements:
- The person must give consent for the information to be collected.
- This consent must be given as an active and voluntary act.
- When updating personal information or using it for another purpose, a new consent must be given.
- It must be as easy to give consent as it is to withdraw it.
- You must have control over documentation so that it is easy to keep track of personal information.
A separate privacy statement must be easily accessible so that people can go in and read what rights the individual has for consent, change or deletion of personal data in a concise and understandable manner.
Failure to comply with these EU requirements risks large fines. Fines of four percent of the company’s annual turnover or 20 million euros, whichever is greater, will await those who do not comply with the new regulations sufficiently. Such large fines can be very detrimental to the business.
Plan for implementation
It is important that you have already familiarized yourself with what GDPR means for your company, if you are going to make either large or small changes, you must have a plan for implementation and have documentation in place for what you use personal information for and why you at all it collects.
Be quality conscious
It is important not to collect data about people you do not really need. Then you get an unnecessary amount of data to deal with. This is also not in accordance with the new regulations, where you must have clear guidelines for why you store and process information.
Get rid of unnecessary data
Many people think that one day you will need this information, but it will not happen. If you do not use the information for something sensible already, it is best to get rid of it as soon as possible.
It is easier to process and store data that you really need, than to keep track of large amounts of unnecessary data – quality rather than quantity!
Good luck with the implementation!
NB: This is our interpretation of the law as it is outlined at this time, and is not intended as a conclusion on how to follow the law. For legal advice, we recommend that you contact a lawyer.