As GDPR consultants we’ve heard every response to this EU legislation that came into force in May 2018. Some people have said it’s a ‘hammer to crack a nut’. Others have just thrown up their hand in horror. Mind you, there is another group, albeit a rather niche one, that has realised GDPR is a significant opportunity. How so, you might be asking? Let’s see.
Legislation is usually the result of something that has not been working effectively.
Laws help clarify expectation and also secure minimum standards. Usually, something has gone wrong and the law steps in. Data misuse has been rife since the beginning of the Internet. No one felt they had any control over their personal details. We signed up for an offer, a free download or whatever, and then had no real idea to whom our data might be sold.
Pre GDPR blind faith regarding data was not the way to go.
We couldn’t even guarantee the company holding onto our personal details was looking after them. Who was checking? Who could we ask? This ignorance and blind faith that everything would be OK was NOT the way to do business. Hence the landscape that ended up being the backdrop for the development of GDPR.
The European Union General Data Protection regulation protects our privacy.
We also have more control over the collection of our data and how it is used. This is a very good thing. This is where unregulated data collection practices cease and a brake is put on behavioural data collection. That can never be a bad thing.
Data begins with real people
Of course, it was going to cause uproar. Most people resist the idea of change, especially when it requires a complete disruption to the status quo. I was in a business networking meeting when a businesswoman talked about the difficulties of implementing GDPR for her company. Within minutes she was in tears. What was going on? Apparently, her late husband had helped create the 12K database and thinning it out would mean losing something she felt was very personal. Data may well sound inhuman and impersonal but remember it all begins with a person. This is what has been forgotten.
GDPR is an opportunity to do business differently
Think about it, you may have 12K cells on a spreadsheet but in reality what does that actually mean? How many active accounts do you have? How many people respond to the information you send out? GDPR has shown us that vanity metrics are not the thing upon which to base a business. It may well have been unwelcome because it caused additional work but GDPR is an opportunity to do things differently. We should embrace it.
6 ways GDPR can transform how you do business
1. People love transparency.
They like to know exactly what they are signing up for. Your GDPR and privacy policies should help reassure people their data is as safe as it could be. It builds trust and helps underscore your reliability. Why wouldn’t you want to celebrate and market that?
Just like HTTPS demonstrates you take security seriously GDPR should impact in the same way. If you can tangibly demonstrate ongoing compliance it shows you are not paying lip service to the legislation but have ensured it underpins your practice. This is another plus point for consumers.
2. If you have a smaller list of committed and interested people then you can start marketing in a different way.
Forget generic “spammy emails”. Create newsletters, podcasts, tweetups and communications, for example, that add value to the people you are serving. Start treating them like valued clients or potential customers and give them what they want, like and need. Basically, you need to bring your data to life. You will no longer be able to rely solely on behavioural data collection and that’s not a bad thing either.
3. We can no longer assume anything or take passive consent as permission to do our own thing.
People will actively and meaningfully say they want to sign up and understand to what and for what purpose. Would any of us willingly have signed up to our data being harvested so cynically by social media businesses like Facebook?
We can no longer apply an algorithm to drive inferences and target advertisements to personal data because we can. Not only this but people can actually demand you erase their data. It is their right. Not only this but you have 30 days to prove categorically that this has been done to their satisfaction. Isn’t that something to demonstrate you take other people’s data seriously and see it as a privilege not an expectation?
4. Undertake more local networking and get out and meet people.
The business card still has value and when you’ve met someone it’s much more likely you will respond to an email positively. We’ve all been sold the dream of connecting our business to the world. However, local business is powerful and human-to-human has never fallen out of fashion so far.
5. Go back to direct mail.
This is a great opportunity to create some really high quality and attractive direct mail shots that are likely to be opened. 51% of emails are deleted within two seconds of receipt (Litmus Email Analytics, 2013). Post works in a different way to email. Emails interrupt while snail mail will wait. You can keep it on your desk and return to it as many times as you need. More importantly, you can open it when you are ready.
6. Utilise GDPR Tracker and see how easy we can make GDPR compliance for your business.
It can help you manage every aspect of compliance and also prove you take GDPR compliance seriously.
We believe that improved transparency and increased trust must be a good thing for business and consumers. There should be real benefit coming out of the GDPR implementation and ongoing compliance. Who knows countries outside the EU may well fall into line. Then we can expect a total revolution.
What do you think about the impact of GDPR on your business and experience as a consumer? Have you had any positives come from it? Do you still have any questions or observations?
Could your business demonstrate GDPR compliance if someone asked you today?
You’ve done the hard work to become GDPR compliant but what if:
– You had a complaint?
– You had a request from a Data Subject to hand over their Personal Data?
– Or the ICO (Or your local Data Protection Authority) came knocking?
How quickly could you show someone everything you’ve put in place?
Fill out the form belowa to get your Free GDPR assessment – It could be the best 30 minutes you spend today.