If you’ve read our previous blog posts on GDPR, you’ll know that a brand new set of data privacy regulations will be introduced on the 25th May — a date that seems closer than ever now January is upon us — and failure to comply is not an option.
While implementing GDPR will come with a few challenges for businesses and marketers, clear and consistent data privacy regulations across Europe will certainly have multiple long-term benefits for companies and consumers.
So, with the deadline approaching fast, perhaps we all need to include GDPR compliance in our list of business resolutions in 2018 and give our data collection and storage procedures an overhaul ready for the May deadline!
Get started with these key steps:
Complete a mailing list audit
According to GDPR, individuals need to express “freely given, specific, informed, and unambiguous” consent for their data to be used reinforced by a “clear affirmative action”. Therefore, to be compliant, you will need to remove all users from your mailing list where there is no record of an intentional opt-in.
If you have purchased mailing lists in the past, you will also need to remove those contacts and rely on more organic data collection methods going forward.
Whilst you may lose a large percentage of subscribers, you will be left with a list of consenting readers that are more engaged and receptive to your marketing content.
Implement a new mailing list opt-in procedure
With your current mailing list organised and fully compliant, you now need to put a system in place that will ensure that all new customer data is collected in alignment with GDPR going forward.
Include dedicated sign-up forms throughout your site that will allow users to intentionally add themselves to your mailing list. Ensure that each subscriber confirms that they want to receive communications by sending an automated email to confirm the subscription.
Optimise your customer data storage
Still using an Excel spreadsheet to store customer data? You might want to invest in a CRM (Customer Relationship Management) system. Most systems will not only keep your customer’s data secure and organised, but it will allow users to access and remove their data from your systems quickly and easily.
Giving users this ability is essential to GDPR, which aims to offer users more control over how their data is collected and used. This includes the ability to access or remove data, known as “the right to be forgotten”. Offering a clear unsubscribe link in all marketing emails and a link to a user profile where users can modify their preferences is your best bet.
For more information on GDPR, be sure to check out our previous blog posts in this series.