The focus on data protection has never been greater. The scandal of Cambridge Analytica’s use of Facebook users’ information has put the issue squarely in the public consciousness.
But businesses were already asking themselves questions about their customer databases as the deadline for GDPR compliance approaches on May 25.
Those letters – they stand for General Data Protection Regulation – are looming large in tech marketing and technology PR circles as they are throughout industry, with some sectors concerned about the business impact.
GDPR compliance means anyone whose personal data you hold electronically should have given explicit permission for their information to be stored by you and agreed how it can be used.
If GDPR had been in place, those 87 million people whose data Cambridge Analytica got to would have been asked for their permission three separate times.
Your firm achieves GDPR compliance if instead of opting out of sharing data with your business, individuals have to opt in. So even though all those people who haven’t opted out of your email marketing updates, for example, are still on your old customer database, they will be off-limits come the May 25 GDPR deadline.
Some businesses have seen their email databases shrink by 90 per cent as they put their GDPR compliance plans in action and will be worried about what they see as a contracting prospective client base.
But their first concern should be nurturing those clients who have opted in. You could look on them as hot leads, as they have taken the step of expressing their interest in your goods or services.
Perhaps they are more likely to open your emails rather than ignore them or bin them, like the former contacts who didn’t opt in.
With those who remain in contact with the business, it’s of supreme importance that you give them relevant, engaging content that compels them to keep coming back to you and your website. Demonstrate you value them by adding value to your interactions – show them they’re more than a name in your customer database.
Use the data they have allowed you in ways that enhance your relationship and personalise their user or client experience. Those massive one-size-fits-all email marketing campaigns are redundant – give the client what they want.
Just as businesses will have to work a little harder to maintain their contacts, potential clients have to be approached in a different way – that casual exchange of email addresses is not a licence to add them to your database.
Of course, there are other concerns. One of the biggest challenges of gaining GDPR compliance cited by the tech industry is the cost of hiring data protection officers.
Technology companies also face difficulties in documenting all the personal data they store and being able to selectively delete an individual’s information on request.
And a fear for technology marketing is that customers will use their right to download and take away their data, then hand it to a rival company.
Then there’s the issue of identifying and reporting data breaches within 72 hours, although such a tight deadline is understandable in these days of identity theft.
Bear in mind that GDPR compliance does not just mean being compliant on day one and day one only. This new data regulation has to be adhered to in an ongoing manner.
If your company is trying to be vigilant and compliant, that puts you ahead of the firms which are ignoring the issue and cracking on regardless – that will leave businesses with egg on their faces and a dent in their bank balance.
Make sure your company takes good advice. Those that don’t take an action will be come down on hard. And big fines are a business impact nobody wants.
Getting it wrong will be costly – fines can be up to four per cent of global revenue or 20 million euros, whichever is greater.
We are PR and marketing specialists – with our finger firmly on the technology pulse. Contact us on 0800 612 9890.