GDPR – what the F**k is that all about?

B2B marketing is being rocked by threats of losing whole databases and being unable to market services after 25th May 2018 – just 9 months away.

Really?

No, not really.  But there are some seriously hefty fines floating around and with the Government short of money, you don’t want to be on the wrong end of a fine up to a maximum of €20 Million or 4% of worldwide turnover, whichever is the greater!

So it makes sense to pay attention to GDPR and make sure you cover off the basics.

The aim of this article is to give you an update as of now (August 2017) so that you can start making some changes that will position you well when 25 May 2018 rolls around and GDPR descends on the UK like a toxic cloud of EU Bullshit that kills your sales and marketing efforts.

Limited Scope

I’m talking here about how GDPR affects your B2B sales and marketing: your data; email campaigns; social media; telemarketing, etc.

There are different aspects to GDPR that cover other areas of business such as: holding data on staff; employment contracts; payroll; logistics and so on.  I don’t know enough about these to advise you appropriately but we do know people, so get in touch if you want help.

If you hold any data on young people or anything deeply personal on individuals, get good, expert advice as there are changes in these areas.

What are the new rules when applied to B2B marketing?

This is the easy bit.  As things stand now, GDPR rules will be broadly similar to the Data Protection Act but beefed up with massive levels of fines and a focus on compliance:

  • You can email contacts in Limited Companies, LLPs, PLCs and Government institutions without needing an opt in as long as you give them an opt out. This does not actually rely on GDPR rather PECR (Privacy and Electronic Communications Regulations).  Also see the “Disclaimer” below regarding the future of PECR.
  • You need opt in permission to email sole traders, partnerships and other unincorporated businesses / individuals based on the new GDPR requirements.
  • The rules about the opt in have changed so you have to be open about what you are going to do with their data, not use coercion to get them to opt in and not pre-fill tick boxes or make service delivery conditional upon opt in.
  • There is a load of stuff about the “right to be forgotten”, only holding data while you actually need it and profiling data but frankly the issues in the three points above are far more pressing.

As you can see, not that much has really changed for B2B marketing and that’s not surprising as we are not the target of this legislation; this is data privacy legislation so it’s focussed far more on giving citizens rights to control what data is held on them and what is done with it.  The legislation is very different to the Canadian “Can Spam” rules that were specifically targeted towards email marketing and B2B businesses.

So why the fuss?

Because most businesses are not compliant with the toothless DPA and will get caught by the much fiercer GDPR.

You should be able to carry on using most of your data without getting everyone to opt in or double opt in as long as you understand the concepts of compliance and get your data in order.

But you have to get your data in order…

Your sales and marketing

If you are anything like most B2B businesses, you have a database of contacts in a CRM with your sales people holding other data in spreadsheets and email; while marketing have their own email marketing system and hold contact data from shows and events all over the place.

Whatever the case, you have a mess of contact data in systems and files.  Not only is this data duplicated all over the place but it’s also incomplete, out of date and generally shite.

Your biggest issue in complying with GDPR therefore is to get your data into good order and up to date so that you can prove you are following the rules.

You are likely to be tripped up by:

  • Duplicate data
  • Unstructured data (spreadsheets, csv exports, etc, etc)
  • Incomplete data
  • Old data
  • Wrong data

Action

The good news is that you can actually use GDPR to make money!  Yes, really…

Imagine for the moment that your data was all held in one central CRM system with complete records de-duplicated and used by both sales and marketing types.

Not only would compliance be a breeze, but you could also make great use of the data to run campaigns, generate leads, track engagement and close sales far more effectively than you are now.  My advice is to use GDPR as a reason to get your data in order; put it into a truly effective sales system then work it hard to generate you sales.

Sorting the data

You probably need external help to get your data in order.  Fact.  The people that got you into this mess won’t be able to get you out of it; you need outside help to sort your data.

(shameless plug)

The right help will be able to get all your data into one place and de-dupe it against a sensible field like email address.  Then you need to segment your data.  Limited Companies, LLPs, PLCs and Government institutions you can ignore for now as you can carry on marketing to them under legitimate Interest/PECR.

The rest of your data is either unknown or unincorporated sole traders or partnerships.  This needs the most urgent attention as you MUST NOT email them after May next year.  A smart person will be able to help you reduce the unknowns through data appending.  Now you have a pile of contacts that you want to get opted in to your marketing.

Sensible precautions

No one expects rules on data permission to be relaxed; it is more likely rules will tighten over time.  My advice to you is to get as many of the contacts on your database as possible opted in to your communications.  Then you are covered as rules change into the future.

Finally, once you have your data in order, don’t let your team screw it up again!  Load your data into a sensible CRM system with good duplicate detection processes and make it a capital offence to store any data in a spreadsheet ever, no matter what the special case.

What now?

I hope you found this overview and action plan on GDPR useful.  It is presented “as is” and the usual disclaimers apply around taking proper advice blah blah blah…

But you have some decisions to make and action to take.  I’d love the chance to help you and maybe some of our services will be useful to you as you seek the elusive compliance gold star while creating a world class sales system on its back.  Get in touch if this sounds interesting.

Disclaimer – please do read this

The opinions I have expressed above are based on current legislation and what is known of GDPR at this point (August 2017).  However there is talk that PECR (the law we rely on to be able to carry on emailing B2B contacts without opt in) could be amended at the same time as GDPR, possibly requiring opt in for B2B emailing.

If PECR is changed, the basis on which the opinion above has been offered changes completely.

Such is the madness of this legislation!

General Data Protection Legislation – What can you do?

footprintsThe GDPR was approved in May 2016 and is set to have a huge impact on the way B2B relations are carried out. Here are a few of the consequences and some simple steps to make complying a little easier…

So what do I do?

Decide whether you will be impacted
If you telephone or email prospects, or possess personal data chances are you will be.

Find out more
Understand exactly what these changes will mean for you. Take a look at the library of resources Nett Sales has collected here…

Review your practices & plan ahead
Establish whether your current level of opt-in meets the new terms. Amend your consent terms, contact every person you wish to communicate with in the future to upgrade their consent level to the new standard and start storing consent forms.

Implement the plan now
Start preparing now while no one else is. Consent is going to become scarce in 18 months’ time, so being ahead of the game could be a huge advantage!

Ask for help
It’s important you get this right, so start thinking about this today and get some help with it if you need to.

See the silver lining
With all the talk of hefty fines and legal action it’s easy to see only the negatives. However, by being forced to encourage prospects to engage you’ll boost both engagement and sales, and see a marked improvement in the quality of your data.

What are the consequences if I don’t?

You will be investigated by the Information Commissioner’s Office (ICO), and if you are found to be in serious breach of the new law you could be fined up to €20 million or 4% of your organisation’s global turnover.

It’s a fact that the ICO is increasing its staff numbers in preparation for the GDPR, so don’t assume they lack the resources. They stand to profit hugely from this.

Implications of Brexit

The GDPR comes into effect in May 2018. The UK is highly unlikely to exit the EU formally by then, so you’ll still be subject to the legislation. Whilst the long term future of GDPR after the conclusion of Brexit negotiations isn’t certain, the ICO has highlighted that:

“With so many businesses and services operating across borders, international consistency around data protection laws and rights is crucial both to businesses and organisations and to consumers and citizens. The ICO’s role has always involved working closely with regulators in other countries, and that will continue to be the case… we will be speaking to government to present our view that reform of the UK law remains necessary”ICO, 1st July 2016. See the full statement here…

So in short, a legislation on very similar lines to the GDPR is likely to be enforced in the years to come. As such, preparation is essential.

More information

If you are unsure where to go from here, keep an eye out for future articles from Nett Sales, call us on 01672 50 50 50 or drop an email to gdpr@nett-sales.com

You can also see our article introducing some of the key concepts of GDPR here…

Whilst this article is meant to inform, it does not constitute legal advice. If you need details about GDPR’s legal implications for your business, please get in with your legal advisor.

 

This article together with the help of the following pieces, some of which we have quoted directly.

‘How the GDPR will affect B2B marketing’ – CPB UK
‘3 ways the new EU data laws will impact your B2B marketing’ – Claire Gardner, Cyance
’10 Must-know facts about the new EU data law’ – Graham Smith, marketinggraham.com
‘Infographic: How the EU plans to kill B2B marketing’ – Graham Smith, marketinggraham.com

’10 things B2B marketers should know about the new EU data protection regulations’ – Rob Diggle, Databroker
‘What does the GDPR mean for email marketing?’ – Cheryl Buckingham, Artisan Send

 

 

The Maths of data

Darts_in_a_dartboardOften when we are planning an email campaign for a client, one of the biggest questions we face is “how many records are needed to achieve the results expected?”

Whilst we are firmly of the opinion that you can never have too many contacts to engage with, there are practical limits, especially if you are purchasing records or gathering them by telephone research.  So here is our rule of thumb for email campaigns:

  • Starting at the end and working backwards…
  • Campaign outcome: Require 4 good leads per month
  • Therefore need 20 interested contacts (1 in 5 can be classified as a lead)
  • Need to call 200 contacts following up the email campaign (one in 10 being interested) so we need to generate 200 interested contacts with the email campaign
  • Anything from 5% to 0.1% of contacts will engage with a good email campaign depending on the data used, message and market sector.

For well targeted, researched and opted in data you can achieve 1.5% engagement, for cold, purchased data, the figure is probably closer to 0.4%.  This means that if you want 4 good leads per month, you need:

For Good, warm contacts: 13,300 records and for cold but well targeted purchased data: 50,000 records.

The good news is that if you are willing to invest in your campaign and allow interest to build over a few months and be very rigorous with re-engaging the contacts that were “maybe”, you can reduce your data requirements by half, but this is still a lot of data to acquire, manage  and engage with…

Careful how you segment your database

crewI received promational emails from Crew Clothing today.  I’ve bought from them regularly, so straight into my inbox – great let’s have a look.

But for some reason I’m on their mailing list twice and to one email address they are offering me 15% off and the next 20% off PLUS free delivery.  Just makes them look a bit foolish…

So, before you test messages to different parts of your mailing list, check that you have de-duplicated on something other than email address – mailing address or phone number would be good.