If the authorities deem a marketing company or department to be in breach of GDPR rules, then they have the power to lay down heavy fines. Such rulings are designed to deter marketing organizations from holding unnecessary data, outdated data, and data that has been requested to be removed by the individuals it is stored on. For digital marketers especially, where the collection of client and public data often occurs, ensuring privacy regulations are properly adhered to can make all the difference with such rulings.
In other words, marketers have to show that they have applied with the spirit of the GDPR rules as well as the letter of the law. If you are open and transparent with your activities regarding client confidentiality, for example, then it less likely that a severe ruling will be handed down. On the other hand, marketing professionals who are more guarded in their approach can face the stiffest penalties if they suffer a data breach or their data removal systems are found to have been inadequate.
How should marketing teams manage the data they need to store to do their jobs effectively whilst balancing the rights of organizations and individuals to data privacy? Read on to find out.
First of all, it should be mentioned that many consumers think that businesses are not doing enough to look after their privacy. Although the law has been updated in recent years to counter these concerns, many people still think that their data is not looked after properly. Therefore, marketing professionals can do their brand a great deal of damage if they are not seen to be up-to-date with all the latest privacy rules. Indeed, tarnished reputations may never fully recover following a significant data breach, for example, or when database information is inappropriately shared by marketers.
There is nothing new with using the digital realm to market successfully to current clients or registered users who have shown in an interest in your products and services in the past. That said, if you want to send your latest offers to the email addresses you have in your database, then you will have to gain informed consent for this. Equally, you must now provide a simple means for those people you are reaching out to unsubscribe from your digital marketing activities. Remember that this is not simply about avoiding rulings from digital regulators but making it clear to clients that you take their digital rights seriously. Without such measures in place, you will create the wrong impression which could lead to people being put off procuring your company’s goods and services altogether.
Bear in mind that deleting information and records does not always get rid of it completely. When you delete a client’s email address or other personal details from your database, it may be deleted from a server but their information could still be held on other records or computer terminals. Moreover, deleted data remains accessible if the hard drive can be obtained. Therefore, professionally destroying data with degaussing techniques, erasing all of the data on a drive with software, or physically breaking it up will be necessary to comply fully with the rules and avoid potential data breaches.
Data is necessary for digital marketing. What is held, however, should be appropriate for the sort of marketing activities taking place. It should be held with informed consent and it should be destroyed when it is either no longer needed or when that consent is removed. If marketing professionals put measures in place to handle these considerations effectively, then the worst penalty rulings available to the data authorities should never be handed down.
Author Bio: This article was written by Peter Desmond, Marketing Manager for Wisetek, who are global leaders in IT Asset Disposition, Data Destruction & IT Reuse. Wisetek helps businesses ensure they meet their legislative requirements regarding destroying customer data when it is no longer relevant.
In May 2018, the General Data Protection Regulation (GDPR) went into effect. The new rules apply to the way companies protect and handle information collected from citizens living in European Union (EU) countries.
However, about 75 percent of brands see GDPR as a challenge to implement, and around 42 percent of brand websites still aren’t GDPR compliant. Taking steps toward protecting the personal data of consumers is a positive change, but the results of GDPR won’t appear until most sites come on board and figure out the best ways of protecting data.
The impact of GDPR on the web industry is multifaceted. Here are seven ways GDPR creates a change online and predictions for where the regulations will go in the future.
Think through the reading level of your average customers and stay away from legal style language. If you need a lawyer to translate the policy for you, then it needs to be rewritten so your users understand it upon first glance.
One of the elements of the GDPR includes a responsibility for companies to keep information secure. Appoint a data protection officer (DPO) and ensure they have the tools needed for secure data storage. The DPO serves as a point of contact for consumers with questions about how their data is stored.
The new rules require companies to outline how information is shared with third parties. This change is both positive and negative. Consumers’ information is more secure because companies are less likely to sell data without informing their subscribers of the possibility. However, fears of regulatory laws limit how two or more companies work together and share data between themselves, reducing promotional opportunities for businesses.
The GDPR is changing the invasion of privacy perpetrated by companies such as Google and Facebook. In the past, you had no choice but to accept their demands to access all sorts of personal information to use their platforms.
However, Facebook and Google face $8.8 billion lawsuits for not giving users a way to use their platform and still opt out of sharing information such as what types of searches they’re conducting. Specifically, they’re in trouble for their predictive search bars that show users what others have searched for.
The GDPR forces big brands into considering the privacy of the average Internet user. Although this is a pro for consumers, it’s likely going to change the way you use Facebook and Google’s search engines.
Some brands balk at initiating a bunch of new policies and following regulations when they aren’t even located in an EU country. Already, a few brands have refused to do business with consumers in the EU. Opponents point to the vague language of the GDPR as an area of concern. However, expanding into global business provides you with an additional customer base you otherwise wouldn’t have. Once the cases against giants Facebook and Google complete, rules should be a bit clearer and help smaller brands understand what changes they need to implement.
Lexie Lu is a designer and writer. She loves researching trends in the web and graphic design industry. She writes weekly on Design Roast and can be followed on Twitter @lexieludesigner.