GDPR and E-Privacy
How do you currently manage your customers and generate new business from prospects?
Most companies will have a database of both customers with who they have a great relationship and a list of prospects, companies and contacts that they are not yet working with whom they would like to.
In order to win business you have to be able to build a relationship with those prospects. This may be done using content marketing, incentivisting traffic to your website to access white papers or thought leadership content. You may have an inside sales team cold calling or even use an Agency like BID to generate those sales opportunities for you.
In May 2018, GDPR and the E-Privacy legislation will come into force. The way in which you need to manage data and consent for engaging with prospects will change and the risks associated with not doing so increase significantly.
You therefore need to develop and implement a strategy to ensure that your data is compliant with the new legislation and that your lead generation and ability to win new business is not impacted by those changes.
So, what do you need to do now?
Stage 1: Understand the implications of GDPR and E-Privacy
This may be a blindingly obvious statement, however GDPR will impact on the way you manage all aspects of your data. You need to review your data security, how you store and process information, how you process data change and how you can undertake sales and marketing campaigns going forward.
It is also important that you understand the potential risks to the organisation of failure to comply with the legislation and that you appoint a Data Officer with responsibility for managing all aspects of GDPR. Equally, you will probably need to update your privacy statements and ensure this is up to date on your website and available on any client communications.
Stage 2: Review sales and marketing strategy
Who do you want to target and how do you want to target them. This will require you to look at any inbound or content marketing strategies you have and re-assess them in the light of the legislation.
You will also need to do the same with any outbound activity you are undertaking. Do you have consent, will you use legitimate interest as a means of contact. If you use any third parties (data suppliers, telemarketing agencies etc) then do they have a clear GDPR strategy?
Stage 3: Will your CRM allow you to manage the new rules?
The onus will be on you to demonstrate consent. This therefore needs to be recorded and able to be audited by your appointed Data Officer. Your process should allow you to record consent for each channel, with the consent timestamped as best practice will undoubtedly require you to re-seek consent in the future. Individuals will have the right to ask you what information you hold, and even exercise a right to be forgotten. Will you have a process in place that will allow you to manage this?
Stage 4: Audit your existing data – where are the consent gaps?
What information do you store on customers, where did this information come from and do you have any registered consent from them for ongoing marketing communications? If not, then this is something you are going to need to address.
Consent will need to be ‘clear and unambiguous’ and this applies to each channel of communication you wish to use. You therefore need permission to process the data and to communicate to the data on an ongoing basis.
If you don’t have consent you can still call them in order to get this, but you have to make sure you are screening your data against the CTPS list to do so? If you’re not doing this as part of your data compliance strategy now then you are already potentially at risk!
Stage 5: Fill in the gaps…….
Once you have identified where there are shortfalls in your existing data, implement a campaign to ‘fill in the gaps’ of consent. This will ensure that you will not lose significant chunks of valuable marketing data post May 2018. This should include designing opt in emails and then calling those that either opt out or do not respond.
Your marketing database is a key business asset, therefore make sure it is not impacted.
Stage 6: Ongoing Campaigns.
Incorporate GDPR compliance into all of your customer and prospect engagement as a matter of course. This should include and outbound calling, event attendance etc.
GDPR does not have to impact on your sales and marketing success – talk to BID Marketing and we can help you understand the risks, assist in your journey to compliance and finally help you generate new business going forward.