GDPR. One more reason to evaluate your marketing tactics now.

By | 18 January 2018

Did you miss it? Probably not! In May 2018 new privacy rules, contained in the GDPR, will become operational in Europe. And the closer we get to that date, the higher the interest in this subject. Google Trends analysis of search behavior in The Netherlands illustrates this.

The number of the articles and videos on GDPR grows as well. Usually they focus on what you may and must do. And the risk you’re running if you don’t. Even though that may bring some organizations in motion, it’s hardly surprising that this approach motivates few people positively.

Wouldn’t it be nice if we could develop a more positive approach, one that focuses on new opportunities? I think we can. For instance for companies in B2B that are still developing their marketing approaches, but haven’t got the idea that they have reached the final stage. Organizations that may have started with permission/inbound marketing, but are still thinking about account-based marketing. Companies that plan major steps forward in the coming months or years.

Organizations such as these need an approach that not only focuses on what is allowed and needed, but most of all on what they can do and want to. Preparations for GDPR then becomes an extra reason to evaluate your marketing approaches.

GDPR in a nutshell

The GDPR contains new rules for the registration and usage of personal information of European persons. These rules apply to all businesses targeting the European market, including businesses. B2C ánd B2B. The rules apply to the whole organization. Still I would like to focus here on the commercial usage of this information: the impact on marketing and sales.

One important principle of the GDPR is that permission is needed to use personal information of customers and prospects for commercial purposes. That permission needs to be given actively and a default filled checkbox is not enough anymore. Subsequently, it needs to be perfectly clear for what activities permission is given, so it has to be accompanied by a privacy policy. Lastly, persons have the right to learn what is registered about them and to ask for that information to be removed.

A waterproof system is needed to register these permissions: when has somebody given permission, for what purposes and with what privacy policy. Your company and organization is responsible for your suppliers (e.g. supporting your e-mail campaigns) as well and has to close processor agreements with them. And if things still go wrong you have to inform the appropriate authorities.

Linking commercial and legal disciplines

One of the complications of GDPR is that you need to bring together two disciplines that have different ambitions and don’t speak the same languages: commercial and legal. Often enough their contact lead to stagnation and digging in their heels. And that’s detrimental for a positive approach to GDPR.

It helps to have a model available that all parties understand and designates each responsibility.

Continue, introduce and discontinue

On the left side of this model marketing and sales enter their approaches of the market. In doing so differentiate between tactics you use now and plan to continue (e.g. newsletters) and those you’re still developing and considering to introduce in the near future (like possibly account-based marketing). A third category consists of approaches your employing now, but will discontinue – possibly because of GDPR – in the near future. You may think than of cold-calling a database of visitors to a conference you managed to lay your hands on.

GPRP Implementation model

Underlying processes

In general, legal people cannot follow-up on this inventory of tactics, with in their eyes ‘fancy’ names. Marketing and sales firstly will have to describe the processes underlying these tactics. Of course, this will involve the collection and registration of personal data.

Another process may be the registration of user activity with e-mails (like articles that have been clicked) and websites. Apart from these externally-oriented processes, internal process are of importance as well. If you export invitees to an event from CRM to Excel, there is the risk of leakage. Like the first column differentiate the processes in continue, introduce and discontinue.

The impact on privacy

With this overview, legal people should be able to give their input. Together they can determine the impact on privacy and describe it in four major parts:

  • Outward-oriented processes, like the process to collect and register specific opt-ins. In a lot of cases it is efficient to set up a portal, where your relations can update their personal data and preferences themselves.
  • Internal processes, like the handling of personal data and the distribution of rights to make exports (in Excel).
  • The privacy policy, that is published on the company’s website and has to be accepted in all opt-in processes.
  • The cookie policy, that describes what tracking of website behavior is done. The usage of cookies is covered not by the GDPR, but it will be covered by the e-privacy directive, which is expected to be renewed soon. For an integral approach it is efficient to include this impact in the process now.

Evaluate your marketing approach nów

The GDPR will be operative within a few months, 25 May 2018. Until then the current possibilities are in force, which are less stringent. Companies can use this period to approach prospects and customers within their databases and ask them for the newly needed opt-ins. After this period, this is much more difficult. This could be an extra reason to evaluate your current approaches.

Is your organization doing wat supports a professional and lucrative relationship with prospects and customers? Is your company employing tactics, that are not allowed under the new directive (and possibly not under the current directive as well)? Do you consider new marketing approaches and plan to introduce them in the near future?

Incorporate them in above-mentioned model to clarify the relationships betwee commercial approaches, underlying processes and the impact upon privacy. Then the model is not only helping you to prepare your organization to the privacy challenges of the future but to the marketing challenges as well.

Do you want to speak to me about this subject? Excellent! Please feel free to contact me without obligations.