Data protection laws in the EU are due to change with the introduction of the General Data Protection Regulation in 2018. And whilst that might seem like a long way away, it’s important to start thinking about making changes now to avoid getting caught out when the time comes.
The GDPR will lay out new regulations on the way you handle your contact data, with the intention being to protect and increase the rights of the public and their information.
One implication of the new law is the requirement for clear and transparent consent to receive marketing communications. What does that mean? In most cases, it will require businesses to send all contacts a transparent request to either opt-in to future contact or opt-out, and you’ll need a record of that consent.
You will no longer be able to use pre-ticked boxes or ‘tick to opt-out’ boxes. Your contacts must clearly state that they want to receive more information from you in the future. If they don’t, it will be against the law to contact them again. Same goes for if they simply don’t respond.
As well as this, the new regulation will require changes in internal processes, new privacy statements, documentation of data subjects and proof of their opt-ins, amongst other things.
You have until 25 May 2018 to get new processes in place, to brief your team and to ensure your contacts want to keep reading what you have to say. And while the changes might sound daunting, there are things that you can do to make life easier when the time comes.
To help, we’ve come up with 6 ways to start future-proofing your business now.
1. Educate your team. They need to know that this affects them too. Make sure guidance is presented to them and is always available. Reinforce the key information regularly.
2. Assess your data. What will you have to do to comply with the regulations? Prepare to contact all your data subjects with an opt-in email. Your email must enable an opt-in, with no pre-filled boxes or ‘click here to opt-out’ options. Just solid, transparent information.
3. Invest in your content. Improving your content will drive those all-important opt ins. You have until the regulations come in to present your data subjects with high-value, interesting and relevant information. Showing them that your business can help them in some way is vital in gaining those precious opt-ins. Make sure data subjects don’t want to miss out on what you have to say – but don’t delay, start now.
4. Keep proper records. Create systems that will log when someone has given consent. Handling and organising your data will be super-important. Your records must provide a clear log of what consent has been given. But, that’s not all. You must show the statements used, what they have opted into and how the opt-in was displayed.
5. Be clear. Ensure your privacy notices are super-transparent and provide easy opt-out options. When the regulations come in to force you must clearly inform your contacts that they can withdraw consent at any time.
6. Allocate responsibility internally. There will be a requirement for someone in every business to take responsibility for data protection regulation compliance. Either assign a member of the team or look to hire a Data Protection Officer.
Recommended reading: “What changes can we expect with GDPR?” In this article we look closely at consent, as well as other topics that will affect your business as a result of the GDPR changes. It highlights potential issues and offers guidance on the steps you can take to make sure your company is ready for the future of data protection.
The countdown is on – GDPR is coming. And while BREXIT plans in the UK are currently up in the air, the new regulation will still apply (as it will to anyone marketing within the EU). While we wait for clear guidance from the ICO we can all start preparing, educating our teams and future-proofing our businesses.
If you would like to find out more about what we do, why not read our Essential Content Marketing for Lead Generation.