OK, let’s be honest – the new General Data Protection Regulations are pretty demanding, rigorous and perhaps a little daunting. For many marketers, they've created a fairly long ‘to do’ list, long before they’re even implemented on 25 May. So to cover them in a nutshell… is this really possible?
Well, we figured it’s worth a try because:
- A number of marketers are still coming to us asking exactly what impact the fresh legislation will have on their everyday activities, and;
- Once the intricacies of the law have been digested there’s then the even more important question to answer – ‘What do I do now to ensure compliance?’
So, GDPR in a nutshell – here goes…
There are a number of key themes for marketers to consider. This is not an exhaustive list and marketing is not the only business department to be affected. GDPR will have a wide-reaching impact on an entire organisation and it is important that everyone has at least some grasp of the legislation and the need to protect individuals’ data. Further research should therefore be conducted via resources such as the Information Commissioner’s Office, for a complete understanding.
But back to what it means to marketers…
The key themes include:
- The transfer of data outside of the EU, which could cause issues if using a US marketing automation platform.
- The right to be informed which means customers and other contacts must be clearly notified as to what they’re granting permission for and how their data will be used. Ambiguous opt-out checkboxes will no longer be acceptable.
- The right of access which, for the first time, will give individuals the opportunity to obtain all personal data held about them, without cost.
- The right to rectification if data is incomplete or inaccurate.
- The right to be forgotten – people can ask for all data you hold on them to be permanently erased.
- The right to restrict processing which means it may be acceptable to store an individual’s data but not take any further action with it.
- The right to object will now give individuals the power to say no to certain uses of their personal information, such as profiling for marketing purposes.
- Rights in relation to automatic decision making. For example, individuals will soon be given the opportunity to have human intervention in a decision that may previously have been made solely using an automated processing method, if that decision produces a legal effect such as the declining of a credit card.
So now what?
We’ve homed in on these themes and taken the topics one step further in the Force24 GDPR compliance and guidance statement, which can be accessed for free via our content lab. The idea is that this working document will provide technical yet practical advice to tackle each of the key areas, and our own in-house GDPR pros will keep adding to the guide when we’ve more insight and tips to offer.
It’s all part of our commitment to being the most GDPR compliant automation provider in the UK. If you’d like to see the platform for yourself, why not book a demo?