THE BEST WAY TO SOURCE DATA
When it comes to bad data, businesses are losing out. With so many options for sourcing data, what’s the best choice for you and your business?
Read moreHave you ever wondered how your business obtains, stores, and uses customer’s personal information? When the General Data Protection Regulation – also known as GDPR – came into play, many marketing firms feared it would create barriers to information sharing.
Rumours about huge fines for any non-compliance and misconceptions about the amount of time staff would have to commit to data protection were rife. Not to mention the anxiety it caused marketers over the future of telemarketing processes and campaigns.
Here at Blueberry, we are fully committed to data security and data quality, which is why we provide companies with free data audits on their current customer or prospect data. This includes identifying any data quality problems and assessing your data integrity.
Want to find out more about the benefits about a GDPR compliant workplace? Distinguish between fact and fiction by reading our article refuting the top five myths surrounding GDPR.
The Data Protection Act 2018 protects and governs your information through the General Data Protection Regulation (GDPR). By providing a legal framework to keep your data safe, companies are required to employ robust procedures to handle and store personal information. It also protects individuals from being contacted without their permission.
While it’s true that your firm could face fines for not taking sufficient security measures to prevent or contain a serious personal data breach, each fine is determined on a case-by-case basis. Any penalty issued by the ICO (Information Commissioner’s Office) is intended to be effective, dissuasive, and proportionate to the offence. Ultimately, fines depend on the level of infraction. On the high end, companies could face fines of up to 4 per cent of their global turnover or €20 million, whichever is highest.
A data breach describes any circumstance where an outside body gains access to user data without an individual’s permission. In many breaches the data is used maliciously against users. According to the GDPR, businesses must provide adequate notice should any data breach occur. Firms have 72 hours to notify the appropriate data protection agency and must inform affected individuals without delay.
The GDPR is creating higher standards when it comes to consent. A pre-ticked opt-in box does not constitute a valid consent and companies must make it easy for individuals to withdraw their consent. Nonetheless, consent is just one way to comply with GDPR, but it is not the only way. The GDPR provides several legal bases for processing data: consent, performance of a contract, a legitimate interest, a vital interest, a public interest, and a legal requirement. Direct marketing is recognised as a legitimate interest. And while this is not an all-access pass to contact whoever you want, there may be legitimate grounds to process data in marketing operations.
This may well be the case if your marketing strategy involves bombarding people with unsolicited, untargeted, mass marketing messages. But if this is true, you really should be rethinking your marketing methods anyway. By managing contact preferences and keeping your marketing lists focussed on those that are genuinely interested to hear from you, your firm can boost marketing conversions and ensure GDPR compliance.
The GDPR also sets out several key principles that should lie at the heart of your approach to processing data: lawfulness, fairness, accuracy, and transparency are central factors. Others include purpose limitation, data minimisation, storage limitation, integrity, confidentiality, and accountability.
Telemarketing and email marketing are already governed by the Privacy & Electronic Communications Regulation, (PECR). This lays out more specific rules about direct marketing. For instance, under the PECR you must check all your telemarketing data against the Telephone Preference Service (TPS). This is the UKs only official ‘Do Not Call’ register for landlines and mobile phone numbers. By signing up for the free service, people and businesses can opt-out of unsolicited live sales and marketing calls. There’s also a similar register for businesses, the Corporate Telephone Preference Service (CTPS). If a number is registered with either service, organisations are legally required under the PECR to refrain from calling. Moreover, they must screen against the TPS or CTPS at least once every 28 days. The ICO enforces the law and has the power to fine firms that break it.
The PECR also lays out rules for email marketing. On a very basic level, B2C email marketing operates on a solely opt-in basis, while B2B email marketing operates on an opt-out basis. It’s a little more complicated, particularly with sole traders!
The PECR has been amended several times since it came into effect in 2003. In 2018, it prohibited cold-calling of claims management services. It also introduced director liability for serious breaches of marketing rules. And in 2019 it banned pension scheme cold-calls and incorporated the UK GDPR.
GDPR is a sensible evolution of data protection law in response to our ever-increasing data-driven world. Companies can avoid fines and keep on track by taking the necessary measures to meet the GDPR’s rules. If you process data based on consent, the rules for what counts as valid are tighter than ever before. And if you process data on the basis of legitimate interest you need to ensure that you are conducting a Legitimate Interest Assessment too.
Audit how GDPR compliant your business is and tighten up your practices by taking some of the practical steps set out in this article. Have you considered employing a GDPR expert or Data Protection Officer to steer your firm and ensure you stay compliant? Determine what kind of data your firm holds on individuals and provide people with an easy way to opt-out of having their data collected. Make certain you have an up-to-date GDPR compliant cookie policy and privacy policy in place. Use GDPR to your advantage by re-engaging your database and streamlining your contact lists.
Contact the Blueberry team on (0113) 4877013 to arrange for a free data audit.
[Copyright © 2022 Angela Kunawicz & Blueberry Marketing Solutions. All rights reserved.]
Get in touch to find out how we can help you meet your business growth objectives.
Blueberry Marketing Solutions Ltd
Consort House, 12 South Parade, Leeds, LS1 5QS