The growth of big data has given marketers a wealth of new considerations to think about. Surely where that data resides is the least of your worries...
We wish that was the case. We know you’ve already enough things on your mind – personalisation, relevance, deliverability, customer retention, customer acquisition… the list goes on. But in the autumn of 2015, the European Court of Justice introduced a whole new level of complexity when it comes to data due diligence.
It was a turning point which meant that it was no longer enough to simply think, from a marketing perspective, about the quality, accuracy and currency of the data you hold. Now you have to pay close attention to how you manage that data too.
A number of brands already have robust data protection policies in place. They acknowledge the obligations they have to protect customers’ personal information for as long as they retain ownership of it. The prospect of a £500,000 penalty for a serious breach is usually enough to keep people alert!
But are organisations – and their marketing departments – fulfilling every responsibility?
On a simple level, it’s important to review the Terms & Conditions you set out when you capture or request data from a prospect or customer. If those T&Cs state that you will not pass the data on to a third party, but then you willingly hand the information over to a marketing automation provider, your paperwork needs revising. And fast.
But delve a little deeper into the component parts of the Data Protection Act and you discover that the eighth principle states, in short, that data which originated in the European Economic Area (EEA) should ideally remain in the EEA. Some industries, such as the world of finance, are legally bound by this principle. Others are heavily advised to abide by it, primarily because the EU has much more robust data protection laws than countries like the US, where ‘big brother style’ surveillance and interception is commonplace.
The recommendation became all the more pressing on 6 October 2015 when the European Court of Justice effectively tore up its Safe Harbour agreement between the US and EU. Following different widespread reports of screening, recording and even hacking, supreme officials declared that much more needed to be done in the US, to ensure a sufficient level of data protection as required by EU law.
This brings into question the validity of US suppliers’ data security promises, even if they have previously been Safe Harbour accredited. Of course they can say they abide by the principles of the Data Protection Act. However, if they misuse your customers’ data it will be you that faces the penalty, not them.
Why not use our free ‘Safe Harbour check tool’ to see if you’re affected?
The best way to ensure the security of customers’ personal data – not to mention your brand’s reputation – is to therefore use a UK-based marketing automation specialist that will house your data on UK soil. This reduces the risk of the sensitive information being intercepted or breached, when it is being stored, passed or utilised within a marketing campaign.
If you want to ensure your customer data is not at risk, further detailed information and advice is available in our jargon-free guide Data Protection, Handling & Housing.
Rather entrust UK-based Force24 with your marketing automation? Contact us to arrange a free demo.