Marketing in a post GDPR world

Phil Lindsay By Phil Lindsay

So the apocalypse has happened, and we sit here looking out at a post-GDPR world, wondering what we do next?

This was the topic of conversation at last night’s event at The Future Factory hosted by Harry McCreanor, their Client Services Director, and Zach Thornton who’s been lobbying tirelessly on GDPR for all the members of the DMA (such as ourselves).

Amidst consuming some delicious pizza here’s what I learnt from Harry and Zach:

Do a data audit

For many of us the 25th of May was made out to be this hard and fast deadline, after which court cases and fines would come raining in. This is not the case, the ICO are here to help us all become compliant with the new law and at this stage what you need is a plan of how you are going to achieve compliance. The first logical step in that process is to audit your data.

By audit we mean:

  • Locate & catalogue all the personal data you have (spreadsheets, databases, CRMs, email etc)
  • Delete the data you should no longer have, or that has expired
  • Make sure you know where the remaining data was acquired from
  • Make sure the data left over is protected in a secure system

Be clear which legal basis you are using

The six legal bases of GDPR are a hot topic, so let’s keep this simple - you have to make the choice, and you can choose a different legal basis for different groups of data you hold.

For us, as a creative agency, we operate in the business to business space, and our legal basis is legitimate interest. For many of our clients - particularly our charity clients who are business to consumer, consent will be their approach. However, within a charity the corporate fundraising team will be able to use the legitimate interest basis for their contacts.

Upgrade your ‘unsubscribe’ function

We’ve all had an ‘unsubscribe’ function in our email newsletters and other comms for some years - since PECR came into law in fact. GDPR wants us to take this to another level - now you need to be really clear about what you are unsubscribing from - otherwise the unsubscribe applies to everything. So make it really specific to the communication they are receiving, while offering the option to check their preferences where they could opt out from all.

From our perspective, we’ll no longer be putting opt-out in a light grey small font at the very bottom of our emails. We’ll be making a feature of it, and making clear to the reader why we we are processing their data and how they can change that if they wish.

Respect your opt-outs, forever

When someone unsubscribes be careful what you delete. If you delete everything then how will you be able to suppress them from any future mailings from your organisation? So keep their name and email on those suppression lists - everything else you hold on them must go.

Join the DMA

If you are looking for GDPR guidance then join the DMA - talk to Zach - they will help you become compliant and advise you in future on any data issues that might crop up. The ICO are the body in charge of regulating GDPR - making sure we are all following the letter of the law. So it might surprise you to learn that their primary purpose is to educate not admonish! Unless of course you ignore their advice - in which case the penalty fines will be crippling.

So what is my key takeaway here? That GDPR will make us all better marketers, and hopefully regulate the organisations that were not treating people with the respect they deserve, and giving the rest of us a bad name.

The future is bright in the post GDPR world!

Phil Lindsay

Phil Lindsay

Co-founder & Managing Partner

Phil is responsible for the overall operational and financial efficiency of Consider. Originally our Technical Director, Phil now looks after our amazing team, keeps a keen eye on our finances, and is helping develop the structure and tools we need to grow. You can read Phil's latest thinking on our blog.