As if it’s just a dark cloud in the distant sky, we tend to not care and carry on with our businesses. Until judgement day is finally upon us. We’ve all read about it. Heard about it. Complained about it and probably pushed it so far down our to do lists, it’s embarrassing. Yes… we’re talking about the dreaded GDPR, short for General Data Protection Regulation.
Okay, we admit: that may have sounded a wee bit dramatic. Still, the time has come to sit down and have a clear overview of what needs to be done. It will save you unnecessary hassle in the near future. As data is key to your operations, it’s imperative to know where you are and where you’re heading.
To simplify matters, and to get you started, we would like to address handling of data first. We’ve broken it down into 2 categories: future data and existing data.
Future Data
Companies/marketers/organisations/(fill in the blank) tend to collect as much possible data about their customers/prospects, and often store it for future use. Big data probably still rings a bell…
Up until now, this has never been a problem. But that’s about to change. The new regulations will force you to alter your approach. It’s no longer about collecting a mass of data for tailor-made campaigns, which you might consider in the distant future. Collecting data is now in function of what you will actually use, given the consent of your subscribers, within a timeframe.
When collecting data, be sure to keep these requirements in mind:
- You need explicit consent from each person, whose data you wish to store and use.
- Store the timestamp, source and context of your subscribers’ consent. You need to be able to justify this at any given time.
- You can only collect data that you will actually use and nothing more.
- You are only allowed to store data for as long you need it. In all other cases, you should delete or anonymise it.
- Always be transparent. A potential subscriber must know what he/she is subscribing for. And for what purpose their data is being used.
- Consumers should at all times be able to alter both their personal information as well as their consent.
This is not merely a new set of regulations. It’s a totally new approach to segmenting your database and handling the content of your campaigns. You need to be very clear on what it is you wish to collect data for. If you don’t need it, simply don’t ask for it.
Existing Data
Fact: collecting data has become a lot more restricted. Still, you can get prepared and make your data processing plans future proof. But what about your existing data?
All the points we addressed previously, apply to your existing data too. However, there are 3 extra focal points when it comes to existing data:
- Ability to prove consent
For everybody in your current database. You have to be able to prove when, where and for what particular reason people gave you their consent.
- Ability to prove recent consent
Consent needs to be recent.
- Ability to access your proof
You should be able to prove recent consent of your subscribers at all time. It is part of a new, more transparent approach.
One of your biggest challenges will be to sort out if all recipients have recently given their consent. And you need to be able to prove that. It’s time to check if recipients actually know what they’ve given their consent for. Be sure to check if your privacy policy is crystal clear and not full of legal jargon that’s hard to understand.
