In all honesty, no one knows exactly what it means, the legislation itself is plagued with vagaries and there seems to be little clarification on what it means for the world of B2B communications. But here’s what we do know, and how it will impact your business.
Who will be affected?
If your organisation:
– Possesses or processes data pertaining to an identifiable person
– Contacts those individuals via email, phone, SMS or post
– Tracks their engagement via e-shots, cookies, or landing pages for the purpose of profiling an individual
Then you need to start thinking seriously about how GDPR will impact on your business, and start taking immediate steps towards compliance.
What does it mean?
|What is personal data?|
There is no longer any difference between “business” and “consumer” data
The GDPR makes no distinction between B2C personal data and B2B personal data. It’s all personal and subject to the same rules. B2B businesses will need to update their processes to ensure the same levels of protection are given to anyone they wish to contact.
Opt-in replaces opt-out
The opt-out is a familiar part of marketing communication these days: “If you don’t want to hear from us again, tick this box or click this link”. Under the new EU laws, the opt-out will be no more. Instead, opt-in consent will be required for all marketing communications.
Data controllers need to be able to prove that users gave unambiguous, informed, contextual consent and knew exactly what they were agreeing to.
Consent cannot be implied by inaction, it must be the result of a positive action by individuals. Soft opt-in may apply in some circumstances, but it’s better to be safe than sorry.
Right to be forgotten
Individuals now have the right to force data controllers to delete all information they hold on them, including any details retained on a “do not contact” list. Businesses will have to work out new processes to ensure all personal information is thoroughly and permanently erased.
Data on EU citizens will be treated the same wherever in the world it’s held
The Regulations grant enforcement bodies greater powers that apply anywhere in the world, not simply in EU member countries. If you hold data on any EU citizen then you’ll need to comply.
This is a Regulation and not a Directive
Directives are legal guidelines that EU countries must achieve by their own means, whereas Regulations have binding legal force and all come into effect at the same time. In other words, the GDPR is a pan-European law that won’t be influenced by the UK Parliament.
When do I have to comply?
The GDPR was published on 25th May 2016. It gives organisations 2 years to become compliant, so the deadline is 25th May 2018.
So what do I do next?
See the consequences of this for your business and the steps you can follow to ensure you comply here…
If this is something you are concerned about, why not give us a call on 01672 505050 or drop an email to email@example.com
This article together with the help of the following pieces, some of which we have quoted directly.
‘How the GDPR will affect B2B marketing’ – CPB UK
‘3 ways the new EU data laws will impact your B2B marketing’ – Claire Gardner, Cyance
’10 Must-know facts about the new EU data law’ – Graham Smith, marketinggraham.com
‘Infographic: How the EU plans to kill B2B marketing’ – Graham Smith, marketinggraham.com
’10 things B2B marketers should know about the new EU data protection regulations’ – Rob Diggle, Databroker
‘What does the GDPR mean for email marketing?’ – Cheryl Buckingham, Artisan Send