So it’s ‘panic time’ everyone has got to ‘opt-in’ and ‘re-consent’.
That single action could cost you your database.
Let’s be realistic, if you send your entire contact list a request similar to this….
“The changes being introduced with the new data protection regulations (GDPR) mean we can only continue to send you communications if you provide your consent. Please reply to this email to confirm you would like to remain in our database.”
The likely outcome… most contacts will ignore it.
Does this mean you can no longer communicate with them? Well…. as you’ve relied on ‘consent’, and you no longer have it… that might be a bit of a problem.
Surely GDPR is about being sensible with your data. Understanding where it is, why you have it and making sure it is being used wisely for your contacts best interests.
Do you have a ‘Legitimate Interest’
The GDPR identifies six lawful grounds for data processing. One of these is processing under ‘Legitimate Interests’. It might be that this applies to your marketing efforts…
Recital 47… Such legitimate interest could exist for example where there is a relevant and appropriate relationship between the data subject and the controller in situations such as where the data subject is a client or in the service of the controller.
The processing of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest.
GDPR : Three Top Tips
Top tip #1: Get your business / organisation registered with ICO
The Data Protection Act 1998 requires every organisation that processes personal information to register with the Information Commissioner’s Office (ICO), unless they are exempt. Failure to do so is a criminal offence.
Top tip #2: Dont panic, read their Guide to the General Data Protection Regulation (GDPR)
ICO are the ones ‘policing’ the GDP and they have really useful guidance notes.
Top tip #3: Consider a ‘Legitimate Interests Assessment’
Aside from the GDPR requirement this assessment could unearth some hidden opportunities within your data.
If you have been managing your data in an appropriate way the GDPR should be a ‘layer’ of additional good practice, rather than the significant drain on time / resources it seems to have become for many businesses.
Daniel Plowright – Enquir3
P.S. I’m not a lawyer, this is simply my ‘commercial view’.