May 25th, 2018 is probably marked in black on every marketer's calendar. It’s the day the GDPR - General Data Protection Regulation becomes active in Europe.
Today, ICT and legal are the two main departments working on GDPR compliance, but it is really time for sales and marketing to step up their game or they will fall behind!
GDPR. what is all the fuzz about?
GDPR is a set of rules and regulations around the use of personal data (and privacy) in the context of business activities. These regulations apply to all businesses in Europe and even outside of Europe if they are doing business in Europe.
Noncompliance with the GDPR regulation can lead to huge fines (4% of the annual revenue or 20M euro). GDPR is also conceived to protect the personal data that companies collect against leakage or theft.
As with any regulation, there is a jargon to be learned. Here are some items every marketer should know:
- Personal data = any information that directly or indirectly refers to an individual person
- Data processing = any operation on personal data in an automated form, or not including collection, recording, storing, consultation, etc.
- Data Controller = organization that collects and processes personal data
- Data Processor = any person or agency that processes personal data on behalf of the data controller
- Profiling = Any form of automated processing of personal data that analyzes and predicts certain aspects or behaviours
- Consent = freely given, specific and informed indication that the personal data may be used for processing
- Personal data breach = unlawful destruction, loss, modification or unauthorized disclosure of personal data (hacking, stealing, loss of USB stick, etc)
- Supervisory authority = in Belgium that is the “privacy commission”
GDPR implications for marketing
When it comes to marketing “consent” is the biggest challenge with many demanding angles:
- Getting people to consent can no longer be done using silence or pre-ticked boxes. Consent becomes a conscious action by the person.
- Consent is given for a specific purpose and for a limited time.
- The individual has the right to withdraw and/or modify his/her data.
- Getting the consent of people under the age of 16 requires parental consent.
- Companies will have to prove that an individual has given their consent freely.
When it comes to marketing campaigns, collecting and using personal data such as emails, phone numbers or other data will become a whole lot more challenging, not to say impossible.
Monitoring and retargeting potential clients (“profiling”) is the second biggest challenge.
brand advocates to the rescue?
Social media platforms such as LinkedIn or Facebook will have to revisit their consent statements and this might have serious implications on what kind of campaigns are still possible in the future.
Functionality might be reduced combined with limited organic reach.
Marketers will be challenged to get their messages in front of their target audience. To be honest, today the consequences of GDPR on social are still unclear but why wait and not look for good alternatives now.
Organic reach on social media has gone down considerably over the past few years. This has led many brands to start putting more money in social media ads and boosting posts to push their reach. The new GDPR regulations might affect this kind of behavior.
However, there’s one GDPR area that’s not being affected: one-to-one communication and sharing.
This is exactly where your advocacy program should focus on to get your advocates to share and amplify your (company posted) messages as individuals. These people are your ideal partners to broadcast your messages since they opted-in to receive information from you.
By utilizing your advocates' social media networks, you have the ability to reach a much larger audience and have your messages be seen by exponentially more people.
The biggest caveat being that your content has to be more value-adding and interesting to share.
This text was written by Mic Adam (Vanguard Leadership)