GDPR: How to Avoid Becoming a Moving Target

If you think Brexit means you don’t have to worry about the GDPR, think again. The ICO (Information Commissioner’s Office) states that “The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.” With this in mind, and with less than 13 months to go before the GDPR goes live, what should you be doing to ensure you don’t get penalised for being non-compliant?

Regulations are fast changing. According to the DMA, as many as a quarter (26%) of businesses are not on course to meet the fast-approaching GDPR changes, with B2B marketers being the least prepared.  Mixed attitudes towards the GDPR signal that some UK businesses are already GDPR compliant; some are halfway – using the new framework as a baseline minimum; whilst others are choosing to keep their heads buried in the sand right up until the last minute. Unless you’re already meeting the GDPR requirements, now is the time to start preparing.

Who does GDPR apply to?

If you’re marketing into anywhere within Europe, you also need to be mindful. Since the GDPR is a directive as opposed to a law that needs to go through EU parliament, updates can be done without having to go through the lengthy rigmarole of a change in law. If found non-compliant, you could find yourself in the line of fire when it comes to fines.

Even if you’re amongst those currently playing by the rules, there is a possibility that come May 25th 2018 there may be more changes to come. Our advice? Keep abreast of news on the ICO website and keep checking back here for updates. Only last month the ICO fined a finance brokerage firm £40,000, for sending 44,172 unsolicited marketing texts promoting loans in three months. It’s worth starting the process now to avoid getting caught out.

Charities have also come under scrutiny, with the BHF and RSPCA fined by the ICO for failing to state that donor’s personal data would be used for wealth-screening. With this comes potential ramifications for marketers when it comes to profiling, a method which has become a key account based marketing component for many companies. Profiling enables them to do away with the cookie cutter approach and execute much more targeted marketing campaigns, treating and communicating with prospects and customers as individuals.


GDPR symbol

How to ensure you’re compliant when profiling

To gain some clarity for marketers, the DMA questioned the ICO who explained that in the case

of the charity’s, they constantly asked “what would the consumer reasonably expect?” This is what guided them, and helped them determine that it was not obvious to a donor that they would be profiled. Further to this the ICO has delivered further guidance on GDPR-ready profiling at the Data Practitioner Conference in Manchester, which we’ll be covering in our next blog.

As an ISO27001 certified marketing company, we’re already working with clients using the GDPR framework as a global minimum standard for running their campaigns – including account profiling. This is a key component to what we do when it comes to data management and the cleansing process. Head over to our short video to find out how important best practice data management is to our partner FIS is, and what lies at the heart of their data strategy.

Start prepping for GDPR today to avoid hefty fines for non-compliant marketing by getting in touch with us today.

And if you like what you’ve seen so far from IZEN, now’s your chance to make sure you never miss out. Opt in to receive bite-size blogs, video guides, partner success stories, and slick infographics on account based marketing, data management, and revenue generation. Not to mention the hottest industry updates, as well as what’s going on behind the scenes here at IZEN.