Don’t be a data pirate, be ready for GDPR

Will General Data Protection Regulation put your marketing at risk?

Are you ready for General Data Protection Regulation (GDPR)? Most businesses are not even aware that this act has been passed and will come into effect for 25th May 2018. With little under a year to prepare for one of the biggest changes to the way data is handled businesses need to act now to protect all those years of lead generation.

What is GDPR?

To put it simply it’s an EU regulation around the storage of data, and for marketers that means email addresses. It is also likely that with the Great Repeal Act it will be converted into British law once we leave the EU.

There are new rights for people to access the information companies hold on them, rather than just unsubscribing users have the right to have data deleted from your records.  Fines could be large if you breach GDPA and fail to show how you obtained consent to hold records (email, mobile numbers etc)

The main issue for marketers is the “consent” issue, while we have been using opt in and double opt in, additional care will need to be used around not just consent but the way the data is stored, user have a right to be forgotten which means you need to delete the record, are you set up to do that currently?



Does GDPR affect me?

GDPR affects anyone storing personal data, predominantly those working in Business to Consumer (B2C).  

If you work within B2B and only hold records of employees working in Limited companies and LLP’s existing opt out rules still apply and are covered by another bit of regulation PECR (which is also going to be updated)  


How do we prepare for GDPA?

The first thing you will need to do is audit your current data, do you know where it has come from? Did you grab a details at a trade show and just stick them on your database? You need to know and you need to show “consent” has been given. If you are managing lists from spreadsheets it may be time to look at alternatives for storing your data that allow you to track and manage creation and edit easily.

  • Mailchimp
  • Communigator
  • Constant Contact


A few of the many options on the market worth exploring.  

If users or customers no longer want to be contacted by you they can have you remove them from your records.  Given that you may have spent budget on advertising and time creating something to attract that acquisition you do not want to loose them for good. Content needs to be relevant and targeted at all times.  

If your audience is signing up to your database and you are sending them great content you don’t have many issues to worry about.


What about my 1000’s of existing contacts?

If you have loads of data and you are not sure where it came from you have around 10 months to get it in order.  Regardless, if your database is 1st or 3rd Party you will need to show the most recent statement of consent (could be the list) if you don’t have this, then you are going to need to obtain it.

Websites and T&C’s will also need to show why you are collecting data, so factor this in when you are making your site GDPR compliant.   

In summary if you are not thinking about GDPR now you should be, get a head start on tightening up your marketing collateral while you have time to do something about it. Far easier to implement a strategy that shows your audience value over 6 months to sign up your contacts rather than doing it a few weeks before the deadline.   


Can Social Media help?

Of course it can, we’re working with clients to help them build databases through the major Social Media networks that are GDPR compliant. It’s not just lead generation and collecting data, we are helping clients build loyal communities online where it can often be far easier to engage and serve relevant content, if you want to find out more about how Social Media can help get you GDPR compliant and grow your own community then drop us a line, we would love to sit down and give you a free consultation.