Last week saw team Bespoke host the latest ‘Wake up to Digital’ event, aimed at preparing local businesses for the upcoming General Data Protection Regulation (GDPR).
Our ‘Wake up to Digital’ seminars are a programme of events in which we cover topics and issues that are bothering businesses the most, and invite guest speakers to our round table discussions.
Our attendees included a range of in-house Marketing Managers, Managing Directors and General Managers, who engaged in the debate and raised a lot of interesting questions.
These questions highlighted common themes, that GDPR messages in circulation are failing to answer. We thought that we'd share our answers to tackle these, as part of our efforts to bust many of the myths surrounding the GDPR, and highlight the marketing opportunities it brings for companies.
Q. We provide incentives to encourage people to sign up to our mailing list. Is it OK to continue this?
Put simply, no. Under the GDPR, consent to use personal data must be ‘unbundled’ from other terms and conditions. It’s recommended that consent is asked for separately from any other question or incentive.
Q. We build our mailing list by running a business card exchange for prize draws. People understand that this happens, so it’s OK… right?
No, the same rule applies here. If you are collecting people's personal information with a view to marketing to them (and firstname.lastname@example.org is classed as personal information) then you need to get their explicit consent to do this. Entering a competition or prize draw does not automatically provide you with consent to send them marketing material.
Q. The customer data for our product catalogue goes back 6 years. Is that OK?
This depends on your business and your product lifecycle. If your customers are likely to re-purchase from you every 5-6 years then this is likely to be OK.
Q. Do I have to use a ‘double opt-in’ method to allow me to send out marketing emails?
Double opt-in is not legally required under the GDPR. However, it is a very good way to ensure that you are meeting the requirements of the GDPR. It adds a layer of security, ensuring that you are definitely getting the consent of the customer.
Double opt-in: This involves the customer receiving an email once they have given consent on the website to use their details. Only when the customer has confirmed the email will they be added to a mailing list.
Q. We send abandoned cart emails to our customers. Are we OK to continue with this under the GDPR?
If you are genuinely sending the email to help them complete the transaction then that may be OK. However, if you continue to contact the customer following that, you should gain consent to do so first.
Q. Am I OK to send emails to people who have recently purchased one of our products?
It is unclear whether the current ‘soft opt-in’ rules will apply after the GDPR in May 2018. It is expected that the ICO will clarify this in December 2017.
Soft opt-in: The soft opt-in rule allows you to send information about similar products or services to existing customers.
Look out for more updates and insights into the GDPR here as we get closer to the deadline of 25th May 2018. In the meantime, if you're still unclear of what the GDPR entails, or the benefits it brings, check out our previous blog here:
Now is the time to prepare for the GDPR. Don’t know where to start? We’ve put together a handy checklist below to help, but GDPR solutions will require a much more complex and strategic process.
- Have you started to think about the General Data Protection Regulations (GDPR) and how this impacts your business?
- Have you audited your current customer data for compliance with GDPR?
- Do you use bought-in lists of individuals’ data?
- Do you have a process for people that want to opt-out of receiving marketing information?
- Have you reviewed your email sign-up process?
- Do you have a policy in place for dealing with data breaches?
- Have you identified whether you need a Data Protection Officer?
- Have you thought about how you will deal with information access requests?
To have one of our digital experts audit your website’s data capture compliance, or assess the opportunities for your email marketing campaigns, call 01772 591100 or email email@example.com.