Marketers commonly assume and build their campaigns based on the ‘more is better’ notion and they end up sending more emails, more invitations and event registrations to achieve greater re-targeting goals. However, engaging and winning customers’ trust takes on offering utmost personalized experiences based on their needs and respecting their preferred mode of use of their personal data. That’s why GDPR is devised – to end unethical data use practices which damage the effectiveness of the marketing campaigns.
Contrary to common belief, marketers should not consider GDPR as a hindrance, rather an opportunity to ascertain their marketing efforts will live up to customers’ expectations with ethical and personalized experience based on their preferences. With the implementation of this GDPR legislation, marketers can evaluate their present data management practices and market their products better. So, what is GDPR, actually?
What is GDPR?
May 25th, 2018 onwards, the General Data Protection Regulation, or GDPR, based on the European Union’s (EU) new data protection framework, will take effect as the most important piece of data protection legislation. It will control organizations which use European Union (EU) resident customers’ personal data for marketing and selling products and services. The legislation will also hold rights to control marketers’ practices of tracking and web browsing behavior of EU residents. Implementing GDPR will help ensure fortifying EU residents’ rights to their data privacy wherein stringent policies will improve customers’ rights on personal data, limit processing of personal data, and will enhance transparency in using their personal data.
The term ‘personal data’ in accordance with GDPR means the set of data that will relate to the specific or identifiable person. For this, the GDPR aims at reinforcing rights to personal data of EU residents in how it can be protected and utilized. GDPR is being devised based on six major principles:
- Transparency in how and in which the personal data needs to be utilized.
- The personal data must be used only in the purpose for which the data got collected and was mentioned to the customers.
- Reducing the procedure of collecting personal data right to the necessary steps that are required for the purpose as specified to customers.
- To ascertain the accuracy of the data collected.
- To check and avoid unauthorized collection or use of data and loss of the data by deploying necessary data security procedures.
- Limiting the practices of storing customers’ personal data strictly to necessary purpose.
Furthermore, a new accountability is now required to show how compliance will be implemented, managed and monitored. This will also demonstrate and protect how and why personal records get collected and used.
Now the question is – to whom will this GDPR legislation be applicable?
The GDPR legislation will be applicable to all organizations marketing products or services as well as monitoring web browsing behaviors of EU residents – whether these organizations are operating within or outside the European Union.
In a nutshell, if your business is marketing to and using personal data of Europeans, then this GDPR legislation is applicable to you. Moreover, if your business fails to comply with the legislation, then large penalties are to be borne by your organization which can be as much as 4% of your annual worldwide turnover or €20 million, whichever will be greater.
How to get consent from EU customers under GDPR?
The term ‘Consent’ under the GDPR means -
“which is freely given, whether specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her”.
There will be ‘affirmative action’ to help collect customers’ consent specific to the purpose for which the data is getting collected and used before marketers will process the same data as well as respecting and protecting customers’ preferences. Also, in terms of customer preferences, which may vary at times, this also can be regulated by GDPR which will state organizations must enable their customers to make changes in their choices and even withdraw their consent, as and when they want to. All organizations will require auditing, evaluating, and identifying all existing data points wherein they are collecting personal records for marketing pursuits.
- Purposes in which the data will be intended to be processed
- Tenure for which the records can be stored
- Criteria that can be set in order to regulate the period
- Legal grounds of processing personal records collected
- Contact details of data controller and representative in EU
- Type of recipients who will receive the data when distributed
- Details on international transfers of data
- Detailed information on customers’ rights to restrict the processing of their personal data
- Customers’ rights to revoke consent to process data
- Customers’ rights to get authority for supervision
- If there is a contractual or statutory requirement in terms of provision of data and if customers are obligated to furnish their records.
- Probable consequences when customers fail to provide any specific data
- The requirement of automated decision-making, consequences of processing for the data subject and significant information about the rationale behind it.
How Marketo will help your campaigns comply with GDPR?
Marketo will help marketers comply with the General Data Protection Regulation legislation by enabling them to incorporate a ‘Consent Field’ to every form which will be intended to collect personal data of EU residents. Lead Fields which will be required to document customers’ consent include:
- Consent to Processing
- “Consent Last Updated”
- “Consent Notes” (which states purposes for which the data will be processed as well as information on past records of consent given should be documented here)
Do you need in-depth information on General Data Protection Regulation and how to implement the legislation in your marketing campaigns? You can simply get in touch with us with your GDPR queries at (408) 502 6765 or via services@ShowMeLeads.com. Additionally, you can check out latest updates on our social pages Twitter, Facebook, and LinkedIn.