GDPR: what is it and what do I do?

Emarsys market lead for Australasia market lead Heath Barlow
By Emarsys market lead for Australasia market lead Heath Barlow | 24 April 2018

Alongside Australia’s recent roll-out of the Notifiable Data Breach (NDB) legislation, GDPR – otherwise known as the General Data Protection Regulation – has sparked fear and doubt into the minds of business leaders across the country. But what does it really mean? And how does this legislation impact us as marketers?

What is GDPR?

The GDPR is a new law coming into effect on 25 May 2018 that works to protect European (EU) citizens from breaches of their privacy and personal data.

However, it’s far-reaching nature means that it will impact organisations globally that not only sell to the EU, but also hold the data of EU citizens residing anywhere in the world.

GDPR will have serious implications in Australia, not least because of its prospective fines for non-compliance of over $AU30 Million, or 4% of annual global revenue.

It will also propel businesses toward a different way of storing, managing and using their customer data that ensures compliance and permission from the customer every step of the way.

In reality, these changes are purposed to direct businesses toward the evolution of data protection, putting consumers back in control of their data.

I’m a marketer… does this impact me?

The future of marketing is unquestionably data-centric and data-driven.

Already, we have seen marketing evolve substantially through the use of data to more effectively present customers and prospects with the most relevant content and offers at the right time and via the right channels.

Unfortunately, too many brands have used this personal data to exploit customers unknowingly, such as by selling email lists, opting them in for unwanted communications, and failing to provide safeguards for consumers to opt out or be forgotten.

As marketers, we don’t own customer data – we borrow it. It is shared by customers in trust and with the expectation that it will be used to improve their experience.

With this in mind, GDPR provides a safeguard for consumers to ensure that their sensitive and personal data is used appropriately and as authorised by the customer, rather than exploited.

More now than ever, data protection legislation such as GDPR is relevant and important for marketers. It will change the way we communicate with clients, and how we handle data.

It will reduce the risk of personal information being exploited or misused by limiting the amount of data that may be collected by companies, the way it can be used, and the amount of time that it can be stored.

With this in mind, Australian marketers need to consider how they can prepare for these changes.

What do I do now?

The most important thing for Australian marketers to action in light of GDPR is to take the time to educate themselves about what it is, and what its implications are for their operations.

Many marketers hold historic customer data but have little to no idea of where it came from, how it was attained, or whether the customer actually gave permission to access or use it.

With customers now entertaining multiple touchpoints with businesses across many different platforms, ensuring that consent has been provided across every one of these channels has become even more complex.

As a first step, marketers need to reach a point of knowing what data they hold, where they store it and why, as well as when, where and how it has been attained.

Further to this, it will also be vital to ensure that future marketing campaigns and activities implement a process that allows you to know which customers have consented to their data being stored and used, and for what purpose.

This might sound complex, but it may be as simple as revising the terms of the ‘opt in’ button on emails, surveys or on-site browsing.

While many brands have already begun to make these changes, having a unified view of your customer and all the data attained from that customer throughout time and across channels is crucial to not only being compliant with GDPR, but your ongoing success.

In many ways, GDPR serves as nothing more than a way to help consumers reclaim their data. But I would argue that for marketers specifically, it provides a positive catalyst towards the optimisation of your marketing activities using insightful and quality customer data.

comments powered by Disqus