I’ve Got To Say It....GDPR :/
GDPR is the hot topic of the moment and of recent months, along with data security. As email marketing is a large part of my business I couldn’t really let the imminent deadline of 25th May 2018 pass without writing a post. So, here’s my view on it, some basic steps you can take to be ready and some links to resources you may find useful.
What is GDPR?
The General Data Protection Regulation (GDPR) is the updated data protection law being implemented on the 25th May 2018. It reflects technological advancements so that people are better able to take control over their personal data. It pretty much impacts all businesses in some way and covers guidelines for the collection and processing of personal information of individuals within the European Union.
It's A Good Thing
You only have to look at the massive amount of emails you receive from businesses that you have had no previous dealings with to see why this needs to happen. Too many emails from companies you couldn’t give a hoot about, selling things you’re not interested in just puts you right off email completely. GDPR encourages businesses to build trust in the correct manner and through the ethical use of personal data. It’s very easy to say “it’s just an email address” but when it’s your email address and you’re getting a load of information every day to wade through it can be too much!
Added to that, if the recent Facebook data news story tells you anything it’s that rules around personal data have been a little loose and have taken some time to even start to catch up with what’s going on. GDPR is a step in the right direction.
A giant email clear out will actually help your message get through to the people that are interested. Without all the other junk in there, they’ll be more inclined to read what you have to say.
A Big List Means Nothing
You need people that are engaged with your business, people that are interested in what you offer, you don’t need numbers. You just need people that have expressed an interest and continue to show an interest. If that happens to be a big number then great, but it’s better to have a smaller list of more engaged subscribers than a big list of uninterested people ignoring you. If your list is smaller and people are actively engaged and interested in receiving information then you’ll have better open rates and ultimately better delivery rates, which means your emails are less likely to be automatically filtered off to the junk folder!
So what actions can small business owners take during the next week…
GDPR is placing the focus on having a legal basis to contact people, for email marketing this means proving you have consent. You should not be adding people to a marketing list without their consent. Now, you must be able to prove that all your sign-ups gave you consent to send them marketing communications. You’ve got a load of emails on your list and no information about where they came from, email platforms might display this as “admin add”.
Review your lists and if your email software provider does not have this information and is displaying something like ‘admin add’ it will be necessary to send a re-consent email asking contacts to click to continue receiving marketing information. You’ll also need to do this is if your opt-in box was pre-ticked this didn’t allow people to actively choose to receive marketing communications, or you’ve changed your core services or products and you’re now emailing about a subject different to which they signed up to hear about. This will massively reduce your list, but as mentioned, this isn’t necessarily a bad thing.
Each contact needs to be able to withdraw consent at any time. This is via an unsubscribe link at the bottom of your email, which is generally placed there automatically by email marketing software such as MailChimp. It should be there as this is a pre-existing requirement, however, check you have an unsubscribe link and add it in if needed.
#3 Sign-Up Forms
#5 Data Storage
The ICO is attempting to protect individuals data, and the recent Facebook data scandal highlights why this is so important and what a big task this is, particularly as rapidly evolving technology is providing new challenges.
My personal feeling around GDPR is it’s not being implemented to catch-out small businesses and I was pleased to hear this confirmed in an interview with the Information Commissioner, Elizabeth Denham, on the BBC on 9th April 2018. She confirmed the focus is not on small businesses. There are bigger fish to fry! However, I often find that small business owners do their utmost to comply and can find this sort of thing quite stressful, as they don’t want to get things wrong, or fall short of any laws or regulations, particularly where a business breaking fine is involved. Nonetheless, this change in data regulation is more aimed at encouraging big businesses to take responsibility and get a grasp on the customer information they hold and share. As a small business you need to take the appropriate steps to work to the regulations and basically treat other people’s data as you would like yours to be treated.
If you’d like to find out more about the GDPR changes coming into effect on 25th May here are some useful links with more comprehensive information on how small businesses can prepare for GDPR
- ICO - https://ico.org.uk/for-organisations/making-data-protection-your-business/
- ICO - Eight practical steps for micro business owners and sole traders https://ico.org.uk/media/for-organisations/documents/2258293/eight-practical-steps-for-micro-business-owners.pdf
- ICO - Preparing for the General Data Protection Regulation (GDPR) 12 steps to take now https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf
- PayPal - https://www.paypal.com/stories/uk/gdpr-for-smaller-organisations