How to make your digital marketing GDPR compliant:
Due to the requirements under GDPR for obtaining consent to collect and process data, one of the departments in your organisation most likely to be affected by the reguations are marketing professionals.
Four years into GDPR, GDPR fines are bigger than ever before and always growing: there was a 113% increase in GDPR fines between July 2020 to July 2021, and penalties have grown as well, from €130.69 million in July 2020 to €293.96 million in July 20201. Many of the biggest fines were marketing related, including a €746m fine doled out to Amazon for compiling data on customers and a €225m fine to WhatsApp for failing to provide information in clear and plain language.
Using information that is publicly available doesn’t mean you’re off the hook: agricultural conglomerate Monsanto were fined €4,000,000 for maintaining records of activists, since they were essentially tracking them in an ongoing way without informing them.
As a marketer who collects information, whether it’s information that’s publicly available or not, it’s more important than ever to make sure you’re doing so in a GDPR-compliant way. The guidance given in this blog will help your marketing team fully comply with GDPR.
Read: GDPR: 10 things to do now
Assessment: how ready are you for GDPR?
Marketing lists
In June 2017, JD Weatherspoons felt the best way for its digital marketing to become compliant with GDPR was to delete its entire marketing list. While this may be the favourable approach for the pub chain, GDPR certainly does not require businesses to delete their entire marketing list.
Organisations can provide customer details to third parties only if they made this clear when the information was being collected. Records of how consent was obtained must be clear if the list is being used for making marketing calls, texts, or emails.