The digital marketing guide to GDPR

People receiving marketing emails from their smart phones

How to make your digital marketing GDPR compliant:

Due to the requirements under GDPR for obtaining consent to collect and process data, one of the departments in your organisation most likely to be affected by the reguations are marketing professionals. 

Four years into GDPR, GDPR fines are bigger than ever before and always growing: there was a 113% increase in GDPR fines between July 2020 to July 2021, and penalties have grown as well, from 130.69 million in July 2020 to 293.96 million in July 20201. Many of the biggest fines were marketing related, including a €746m fine doled out to Amazon for compiling data on customers and a €225m fine to WhatsApp for failing to provide information in clear and plain language. 

Using information that is publicly available doesn’t mean you’re off the hook: agricultural conglomerate Monsanto were fined €4,000,000 for maintaining records of activists, since they were essentially tracking them in an ongoing way without informing them.

As a marketer who collects information, whether it’s information that’s publicly available or not, it’s more important than ever to make sure you’re doing so in a GDPR-compliant way. The guidance given in this blog will help your marketing team fully comply with GDPR.

Read: GDPR: 10 things to do now

Assessment: how ready are you for GDPR?

Marketing lists

In June 2017, JD Weatherspoons felt the best way for its digital marketing to become compliant with GDPR was to delete its entire marketing list. While this may be the favourable approach for the pub chain, GDPR certainly does not require businesses to delete their entire marketing list.

Organisations can provide customer details to third parties only if they made this clear when the information was being collected. Records of how consent was obtained must be clear if the list is being used for making marketing calls, texts, or emails.

continue reading

On-demand webinar: GDPR – 10 steps to take before May

GDPR webinar banner

With GDPR day fast approaching, Director of Best Practice Gary Yantin and Director of Course Development Nick Henderson discussed the steps businesses should take to prepare. This was the first in a series of webinars on the topic of GDPR. You can download a recording of the webinar and the accompanying slides by clicking the button below.

Watch now

continue reading

Compliance and training trends – 2019 in review

2019 was another important year of growth from VincWorks, with 38 new compliance courses9 webinars with industry experts and the release of our new revolutionary compliance tracking tool, Omnitrack.

With the dust settling on GDPR, we focused our attention on new compliance topics and areas on the regulatory horizon. Below is a list of the areas that we focused on in 2019 and will continue to be a focus in 2020.

Compliance training roundup

During 2019 users completed an average of 4 compliance courses and 1.5 hours of compliance training.

The most popular compliance training topics were:

  • Cyber security
  • Anti-money laundering
  • Data protection
  • Anti-bribery
  • Criminal Finances Act
  • SRA regulation
  • Diversity and inclusion

Those topics constituted over 80% of all compliance training time in 2019.

The ten most popular courses were:

continue reading

On-demand webinar: AI and compliance in the workplace

Artificial intelligence (AI) is rapidly changing the workplace. Generative AI tools like ChatGPT and Dall-E now allow people worldwide to accomplish more than humans ever dreamed possible. This creates many challenges for compliance departments, which have to deal with various regulatory issues related to the use of AI, from GDPR to discrimination.

In this webinar, we explored the concepts and terms used in discussing AI and bust some of the myths. We discussed best practices for using AI in the workplace with our team of compliance experts and uncovered the risks and opportunities of using AI at work.

This webinar covered:

  • Understanding AI in the workplace
  • AI and data privacy
  • AI and intellectual property
  • AI and discrimination
  • AI and conducting an effective risk assessment
  • AI and cybersecurity
  • Plagiarism in the age of AI

Watch Now

Every VinciWorks webinar in 2019

In 2019 we hosted nine free webinars with industry experts on hot compliance topics. Through the webinars, we helped hundreds of businesses by answering several hundred compliance questions on GDPR, the SRA’s Standards and Regulations, competition law, whistleblowing, health and safety and more. All webinars are available on-demand:

We are committed to continuing to bringing top experts to our webinars in 2020. Our first webinar of 2020 will be on January 15th and will focus on compliance with the new Fifth Anti-Money Laundering Directive. Register for free below.

The Fifth Anti-Money Laundering Directive – What Now?

What should be on your compliance agenda in 2019?

Combination lock showing 2019

This time last year, GDPR dominated the compliance agenda for 2018. Like many promised cliff edges, the data protection ravine many feared business would collapse into didn’t quite materialise. While some websites are still blocking users from the EU due to alleged ‘GDPR’ issues, the shift to a new data protection regime seemed to go not too badly. This isn’t because GDPR isn’t being taken seriously, quite the opposite. The promise of eye-watering fines and enforcement action spurred a multi-industry push to get GDPR compliance right.

For that reason, GDPR stays in the lead of our top compliance trends for 2019.

1. Moving from GDPR compliance to best practice

As GDPR day on 25 May 2018 approached, businesses big and small rushed to get their privacy notices updated and flooded all of our inboxes asking us to accept their new terms of re-give consent. Most of this was pointless and unnecessary, not to mention greatly annoying to us all. Plus it exposed a rather gaping failure to grasp the six conditions for processing data under GDPR and the myth that consent is always the best or strongest condition.

continue reading

Compliance update special: The biggest compliance scandals of 2018 so far

This year has already been significant in terms of compliance breaches by some of the world’s largest companies. And it’s not just business who’ve seen major failings recently, as we review recent compliance scandals in this years’ Compliance Update: 1 April Special.

Easter bunny fined for sanctions breaches

The Easter Bunny has been fined a record £21m by the Office of Financial Sanctions

Implementation (OFSI) for illegally importing up to 40 million Easter eggs. The eggs were illegally imported from Never Never Land in violation of international sanctions against the rogue state, with The Easter Bunny allegedly committing serious acts of bribery during the import of the eggs to cover up their origins.

Never Never Land continues to remain under severe international sanctions due to its failure to adhere to data protection laws and the continued WMD programme of dictator Captain Hook. With recent EU legislation expanding the scope of sanctions compliance, all organisations are being reminded to ensure their compliance is up to speed and they are not doing business with designated persons such as Captain Hook.

Free sanctions policy template

continue reading