General Data Protection Regulation (GDPR) has changed how companies collect data and communicate with prospects and customers. This new legislation which came into effect in May 2018, impacts many different areas of a business, one of these being the collection and use of data for marketing purposes. Despite this, almost half (41%) of marketers admit that they don’t fully understand these laws and what they need to do in order to comply.
This is bad news, because failure to comply with GDPR can have damaging implications for a business, not least of all because you’ll face a pretty hefty fine. Those who don’t follow the rules also run the risk of damaging their reputation and deterring customers from choosing their goods or services in the future. But with Christmas just around the corner, many businesses are gearing up to start sharing their festive promotions and these also need to comply with GDPR.
So, whether you’re new to the marketing industry or you need to brush up on you GDPR knowledge, this guide can help. Below we’ll look at how this new legislation can affect your marketing efforts and the rules you need to follow when sharing Christmas promotions, to ensure that your business is GDPR compliant.
What Is Gdpr And What Does It Mean For Marketers?
GDPR was put in place to standardise privacy legislation and protect the personal data of all EU citizens. What this means is that all businesses now have to make sure that security and privacy is built into all their digital products or websites, that they are careful when processing personal data and that they receive permission from customers or users of their site to use this data. This new legislation is not optional, it is a legality and companies who don’t follow the rules and comply with GDPR can be fined.
While this all sounds a little scary and like the new rules can be restricting and let’s face it, time consuming for businesses, GDPR does present an opportunity for marketers. The new rules around transparency, gaining consent and giving customers and prospects a say in how their data is used, gives marketers a better opportunity to create targeted and successful marketing campaigns.
How To Follow Rules For Christmas Promotions And Remain Gdpr Complaint
GDPR can feel like a daunting concept, and this is completely understandable! There is a lot to take into account and if you get it wrong you could face a large fine and damaged reputation. But if you implement best practise from the very beginning, you can make GDPR much easier on your marketing efforts.
So, as you prepare for the festive rush, here are four rules to follow when creating and sharing your Christmas promotions.
1. Be sure to get consent
This is a big one! If you don’t ask for explicit consent to store and use the personal data of a customer or user, you are not complying with the rules of GDPR and could face repercussions. But consent can on occasion be a grey area, so be sure to get clued up on how GDPR defines personal data, consent and what you need to do to ensure you are following all the rules.
There are a number of ways you can ask for consent from customers, but the easiest way is through sign up forms. For example, over Christmas you might be running a promotional discount for first time buyers if they sign up to your newsletter. These forms should be easy to understand with no complicated language, ask explicitly for consent and give the user options for how and when they want to receive marketing materials from your company. They must also outline how their data will be used.
2. Be careful with your checkboxes and opt-outs
As part of getting consent from prospects and customers you can use checkboxes and opt-ins, but you need to be careful when doing so. An old marketing technique was to make it mandatory to receive marketing promotions if you wanted the discount or to pre-tick the checkboxes in the hopes that those signing up wouldn’t notice and uncheck them. In order to be GDPR compliant this is no longer an option. What’s more, you can no longer include checkboxes that say ‘tick her if you DO NOT want to receive emails’ because this can be misleading.
So when you run your Christmas promotions this year it’s best to keep it simple and of course to make sure you’re not doing any of the outdated (and now illegal) techniques above to grow your mailing list. In order to feel safe in the knowledge that you comply with GDPR, it’s best to include one tick box that asks if they consent to your business using their data. You can create additional T&Cs or ‘privacy policy’ pages for users to access should they want to know more about what they’re consenting to. Make these easy to find by including a link to them on your sign up forms.
3. Only use the data for its stated purpose
When collecting data through your site, you must explain to the individual how and why their data will be used. This gives them the chance to opt out. However, if they give consent for you to use their data for the intended purpose, you must only use it for that reason. In this case it’s likely that they’re signing up as a result of your Christmas promotion. Therefore, you should never share these details with third parties or use them again for other promotions after this, unless you’ve asked for and they have given explicit consent for you to do so.
4. Don’t keep the data longer than you have to
Part of complying with GDPR is only keeping data until you have used it for its original purpose, after that you must delete it unless the customer or user has specifically opted in to receive other communications from you. After all, just because someone was interested in your deals or products over Christmas, this doesn’t mean they want to receive marketing materials from you for the rest of their life. They may have only visited your site in order to buy a gift for someone else or for something specific to the festive season.