The document discusses key considerations for businesses regarding the General Data Protection Regulation (GDPR) which takes effect in May 2018. It provides advice on issues like obtaining proper consent for marketing, using personal data and tracking on websites, maintaining email databases, and ensuring websites are GDPR compliant. The main points are to have transparent privacy policies, only collect and use personal data with consent or legitimate interest, and focus on creating positive user experiences rather than just checking boxes for compliance.
10. “Yes budgets can be tight, technology is moving fast and there’s a race to keep up with competitors. But if you can demonstrate that you have the appropriate systems and thinking in place you will find the ICO to be a proactive and pragmatic regulator aware of business needs and the real world.”
- Elizabeth Denham, Information Commissioner
https://iconewsblog.org.uk/2017/12/22/gdpr-is-not-y2k/
11. Business cards can’t be used without getting a consent form signed to process the data.
• Legitimate interest
• Fine for one to one contact
• Don’t add to your mailing list
• “freely given, specific, informed and unambiguous” consent
12. I can’t use tracking or personalisation on my website or marketing campaigns.
• Anonymous is fine
• Contracts with providers
• Specifically state in privacy notice
• Justification
• Is it ultimately a positive, useful experience for the end user?
13. I’ll need to delete my email database
• Most likely just needs some re-optins
• Who opens emails?
• A good thing
• False picture of mailing list if many don’t open emails
• Lower email marketing costs
• Positive experience
14. A GDPR compliant website
• Opt-in forms
  • consent truly opt in and very clear
• Privacy notice
  • clear and readable
  • specifically name who will process personal data
  • say what you’ll do with personal information, how long you’ll keep it, and why you’re processing it
• Tracking software
  • if the data can identify an individual, check contract with the provider
  • state what tracking you’re doing and why in your privacy policy
• Check for other personal data
  • contract with a third party?
  • specific mention in privacy policy?
16. Principles for GDPR-friendly marketing
• Helpful, compliant policies
• Care about your prospects as much as your leads and customers
• Quality over quantity and 80/20
• Fans not customers