By now, most marketers are aware of the impending General Data Protection Regulation, a European Union initiative designed to give consumers greater control and transparency when it comes to the personal data companies are collecting and storing. The compliance deadline is May 25, 2018, which means any business that hasn’t reviewed its policies and practices is running out of time.
Although the GDPR currently only applies to companies that possess data from EU residents, many experts believe similar regulations will start emerging elsewhere. It’s best to prepare yourself and become compliant now, even if you don’t currently have overseas customers.
Here’s what Forbes Communications Council members say every marketer should do today to ensure GDPR compliance by the deadline.
1. Learn more about GDPR and create a game plan.
Since GDPR is a new EU regulation, the best first step marketers can take is to learn more about it and how it affects their marketing plans. They may want to consider working with a compliance moderator along the way. Companies should carefully review their privacy policies and processing activities to ensure that any affected procedures are updated to meet compliance mandates. – Michael Lazar, ReadyCloud
GDPR is leading the way for future data privacy regulations around the world. Even if you won’t be affected by it immediately, expect similar compliance policies to roll out in your region soon. Start by simplifying your data privacy statements so your customers can understand and trust their information to you. This way you’re minimizing complaints that could lead to steep sanctions. – Xuan Liao, LisbonTech
3. Keep consumers updated about their privacy rights.
Companies and marketers should always adhere to best practices and be vigilant in their communications to clients/consumers regarding their privacy rights and policies. Keeping the consumer informed and providing their rights to know will reestablish consumer trust and force company accountability. – Mia Tinari, Tait Towers
4. Announce your GDPR compliance.
On an organizational level, GDPR needs to be addressed publicly with an announcement of compliance on corporate websites. Since explicit customer approvals must be granted, it makes sense to invest in targeted account-based marketing activities because there are no longer loose opt-in policies. Also, creating double opt-in campaigns for existing contacts is crucial for marketing success. – MaryAnn Holder-Browne, One Network Enterprises
5. Implement tools to get user consent.
For marketers, it is important to implement tools to get and document user consent. Under GDPR every user needs to provide opt-in consent before marketers are allowed to track, retarget or mail those users. It also must be easy for users to revoke their consent at any time and have a clear understanding of who is using their data and what it is used for. – Marcel Hollerbach, Productsup GmbH
6. Audit your current lists and cleanse your data.
We all know buying email lists is bad, yet some continue to do it. With GDPR fast approaching, now is the time to ditch list purchasing once and for all and give your data a good cleansing. Your data needs to be complete, including country-level data and, most importantly, consent. Take the time to audit your data and fill in the holes before it is too late. – Patrick Niersbach, InContext Solutions