GDPR is not an acronym for a Soviet era eastern European state but is the General Data Protection Regulation coming out of the EU one year from now. For marketers all over the world, particularly those involved in digital and DM, it will have considerable implications. Not the least will be the prospect of fines of €20m or 4% of global turnover, whichever is the higher, for non-compliance when using consumers’ data within the EU.

  • Where marketing is concerned GDPR completely changes the way consumer data needs to be handled, and there will be a need for organisations to clearly demonstrate how they will meet the new lawful conditions.

  • From May 25th 2018, collection of data will only be allowed provided it is relevant for a particular purpose. This means if consumer information is to be used for a specific campaign or competition, that’s all it can be used for. Should a marketer wish to use consumers’ information for another purpose, then further consent will be needed.

  • Moreover, consumer consent within digital and DM spheres will play an even bigger part than within current regulations. According to the new GDPR regulations ‘consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by clear affirmative action, signifies agreement to the processing of personal data relating to him or her’.

  • Marketers will have to record how and who gave consent; and it must be as easy to withdraw consent as it is to give it. This will have to be shown by both company policy and process, including the need for multiple consents for multiple purposes.

  • Consent will not be considered freely given if a consumer has no genuine or free choice so the days of silent consent, pre-ticked boxes or inactivity will no longer constitute consent.

  • In essence therefore, GDPR means that consent must be given and not assumed, the purpose for collection of a consumer’s data must be clear, requiring some form of physical action to gain consent.

Marketers will have to align themselves with the GDPR principles, reviewing and cleansing databases to ensure existing consumer consents have been granted lawfully and fairly to avoid fines; and that it is explicit and used for specified, legitimate purposes. Significantly, online identifiers such as IP addresses, cookies, mobile IPs and even search engines will fall into GDPR scope. For many marketers they may well need to reassess their databases and best practices to ensure they meet with the new regulations.

Alternative Text
Posted by Lawrence Janes

My expertise has come from working with some of the world’s leading retailers and brand owners. These include the likes of Carrefour, Kroger, Tesco & Walgreens; Danone, Johnson & Johnson, Nestle, Pepsico, RB & Unilever.

Featured 6

Leave a Comment

Your email address will not be published.