Panicking about GDPR? Don’t. B2B Marketing’s expert and regular guest speaker on GDPR, Paul Snell, has compiled a list of the most frequently asked questions – and his advice
2018 is well underway, and for marketers that means just one thing – GDPR is right around the corner, with only a few months to go until deadline day.
There’s no point burying your head under the duvet and hoping GDPR will go away just like your New Year hangover did. It’s time to get going if your organisation is to be ready by the 25 May, when the new European legislation comes into force.
We’ve identified the most commonly asked questions from B2B marketers on GDPR. Here goes…
Q: Help! I haven’t even started to prepare for GDPR. How on earth can I ensure I’m compliant by the deadline?
The first thing is not to panic. There’s nothing like a deadline to focus the mind, and you do still have time to put things in place.​
“You’d be shocked to learn some of the names of those who haven’t done stuff. And then there are those who have been working on it for two years,” says Elle Todd, partner and head of digital and data at law firm CMS, at our recent event ‘GDPR: Obstacle or opportunity?’, held in association with twogether.
“I think if you’ve done nothing you can still be completely compliant in these four months. It’s about focus and understanding, not agonising over some of the decisions.”
Q: Our organisation is preparing for GDPR, but the marketing department seems to have been ignored. How can we get some attention?
It’s a common complaint. While senior executives fret about the implications of GDPR on IT, legal or HR, marketing’s either forgotten or ignored. And this can have negative consequences beyond the potential risk it exposes, says Dan Sullivan, head of marketing, capabilities at KPMG.
“There’s a real tendency for the marketing department to be overlooked in the conversation about GDPR, and to have some really rigid rules forced on it that aren’t going to work – medicine that feels like it’s going to kill the patient, not cure us,” he adds.
Holly Harding, EMEA marketing programmes manager at Hitachi Ventura, suggests finding allies within your organisation with whom you can tackle the problem together. “It’s about getting the right people involved in the process across the business,” she says. “Having buy-in from various different departments has been crucial in seeing it from all angles.”
Q: Is GDPR really all bad news? Surely there must be some positives?
A survey, carried out by software provider Veritas, found 95% of respondents believe there will be positive outcomes to being GDPR compliant, with just 3% predicting the opposite.
Compliance should improve the quality of your data, from which you should be able to generate more insights into your audience. While compliance is mandatory for organisations, those able to market the way they protect and care for personal data will gain a competitive advantage.
The onset of GDPR also offers a great opportunity to re-evaluate your marketing strategy. Do you ever feel that you’re stuck on a hamster wheel, sending out emails just for the sake of it? This is a fantastic opportunity to consider a more effective, more creative, and – dare we say it – more fun approach to marketing.
Q: I’ve no idea how or why so many individuals ended up on our database. Do I have to re-permission them ahead of the May deadline?
That will depend on which legal ground you choose to process the data you already have. Although much of the focus for marketers has been on ‘consent’, there is now a groundswell of interest among B2B marketers to use ‘legitimate interest’. Even the ICO says “if consent is difficult, look for a different lawful basis”.
There’s no problem with this – the GDPR states that processing personal data for direct marketing can be considered a legitimate interest. But legitimate interest is not an excuse to carry on behaving as you always have done. Any use of legitimate interest must be balanced against an individual’s rights, and whether they would “reasonably expect” their data to be processed. As we wait for further guidance from the regulator, key steps are to establish what represents a legitimate interest for your business, and how you define factors such as ‘engagement’ and ‘customer’.
“This [GDPR] is a fantastic opportunity to consider a more effective, more creative, and… more fun approach to marketing”
If you intend to pursue consent – and you don’t know if the individual has given it, you will need to re-permission. But, make sure you have the systems in place to record consent before you get going, or any re-engagement strategy will be for nothing!
Q: What’s the secret to a great re-engagement campaign to drive opt-ins?
Over the next four months, European marketers who are pursuing consent will undertake a campaign to re-engage their database. How many do you think people will click on before they lose interest?
Yours will need to stand out, so make it as human as possible and give it a personality. Limit yourself to a single call-to-action.
The four key points to get across in your message are:
- How you got their details.
- Why you’re contacting them, and why you want to re-engage.
- What you want to send them in the future.
- How they can manage their consent.
There’s no big secret to a successful re-engagement email, the same factors that drive engagement with any marketing email are applicable.
Improving the conversion rate of the landing pages you use to drive opt-ins is also vital, says Michele Reale, media director at twogether. “Conversion rate optimisation has probably been undervalued from a B2B point of view. Because we’re all aware the B2B buying cycle is very long, converting that landing page to be the best it can be is not a high priority,” he explains.
“GDPR will likely mean lower traffic from email marketing, hence a lower volume of leads. There is an argument that we need to aim for better quality, so CRO is a really important area to start thinking about – and to put some investment behind.”
This free comprehensive guide explains what the General Data Protection Regulation (GDPR) is, how this incoming data protection law will affect your organisation, and the practical steps to take to prepare for it.