In April 2018, businesses will have to meet the requirements of the General Data Protection Regulation (GDPR). The European Parliament and Council have agreed the GDPR will replace the existing Data Protection Directive to make Europe fit for the digital single market. The introduction of the GDPR will increase harmonisation across countries, by providing one law for the protection of data applicable to all businesses within the EU.
Coming into effect next year, the GDPR will change the laws controlling how users give consent to having their data stored by businesses. Silence, pre-ticked boxes or inactivity no longer counts as consent, making providing more information about the terms of data collection a requirement of data management. Profiling customers and direct marketing will subsequently be monitored; so what does this mean for businesses involved in marketing, advertising and social media?
Impact on marketing
The GDPR will affect all businesses involved in direct marketing. Marketing specialists such as Romax, who made the following comment outlining how changing data policies in line with the GDPR regulations is a critical process.
“All businesses hold and use data captured from their clients to both understand the market and to understand how they can attract similar clients. The GDPR adds an extra layer of security but also an extra layer of complication to that process. Not abiding by the new regulations is not an option, so getting up to speed now is vital. If you want to maintain a marketing return legally, then demonstrate to your clients that you have their best interests at heart, and be proactive about the change”
The GDPR presents four new categories of personal data definitions, which affects online businesses because this categorisation introduces new requirements of targeting online identifiers. This category will be treated as personal data under protection of European law, thereby meaning companies will need to update policies, procedures and systems, ensuing additional costs.
Risk of penalties and fines
To guarantee businesses adhere to the GDPR and protect sensitive data, greater penalties for not meeting GDPR legalisation will be implemented. If a company breaches any of the components of the regulation they will have to pay 4% of their turnover, alongside suffering damage to their reputation. To ensure businesses do not find themselves in trouble, detailed research into the legalisation should be carried out, and evidence should be provided to prove the internal protection of customer data meets the requirements of the regulation, in case of inspection.
Greater customer trust
According to a recent survey, “two-thirds of Europeans stated they are concerned about not having complete control over the information they provide online”. The GDPR will allow individuals easier access to their own data, the right to be forgotten when they no longer wish to have their data processed, and concise information on how businesses will collect and use their information. This reshuffling of data protection policies will give customers a greater sense of security, helping to develop a longstanding, trustworthy, relationship between businesses and customers.