Making Sense of the GDPR

It’s an acronym that’s floated around for a while now, looming on the horizon, and perhaps you’ve brushed it off as being “ages away”, or not fully sure what it’s about. But with the deadline for compliance in only 7 short weeks, it’s time to listen up.

The European Union General Data Protection Regulation (GDPR) is a new law that will change the way that EU businesses use customer’s personal information, all with the aim of protecting people’s data privacy. As it stands now, people’s lives are tracked digitally & often this is without their consent or full understanding of what’s going on. The GDPR is designed to give them better control over how their personal data is used. Personal data is any information that can identify that person, either directly or indirectly. This includes the likes of computer IP addresses and cookies, if they are capable of being linked back to the person. 

So what does it mean for marketing? 

As it stands just now, websites visited, links clicked, social activity etc can all be stored and used for marketing purposes & most organisations hold a database of customer information and use it for advertising. That will all still stand, the only difference is that now you must be able to prove that you got someone’s consent to store & use information relating to them. 

For a start, take some time to review your data collection processes to make sure you meet the following terms:

  • Make sure your consent requests are separate from other terms & conditions
  • Don’t use pre-ticked boxes, opt-out boxes or any other default settings that automatically assume consent 
  • Tell the person why you want the data and what you will do with it
  • Remind people that they can withdraw consent at any time & make it easy for them to do so
  • Record all the details to evidence consent including who consented, when, how and what they were told

And what about e-mail marketing specifically? It’s probably one of the most common questions considering many businesses have existing mailing lists. If you do have a current mailing list, you need to consider how customers were added to this. If they signed up and you can provide details of their consent should you be asked, then great. If not, you need to ask everyone to opt-in & get their permission before 25 May. The best way to do this is to design what’s called a Permission Passing campaign – essentially just another e-shot but including the following:

  •  Reasons why customers should opt-in – be creative, this is going to be the key part of keeping your list as big as possible! 
  • An opt-in message that includes links to privacy and cookie policies 
  • An unsubscribe link as normal

You might panic at the thought of your mailing list decreasing, but if you look on the bright side, at least you’ll be left with those who really do want to receive your emails, making for better open rates and more conversions. If you use Mailchimp, there’s more info on the tools available here: 

And remember, you’re not alone. Social platforms like Facebook are also working hard on their own preparations for the GDPR – designing a new privacy centre where users can choose their settings, as well as providing regular pop-up reminders in news feeds. In terms of Facebook advertising, it will continue as normal. The good news is that when you are targeting your Ads using information stored by Facebook (e.g. demographics, interests) then it’s Facebook’s responsibility to have clear consent from users. 

Let us know if we can help, and for more information visit the Information Commissioner’s Office: 

Social Strategy – Another Pub Crawl?!

View article

Why an office dog will have a ‘pawsitive’ effect on your day at work…

View article