are you GDPR compliant?

The end is nigh. 25th May 2018 the world will end.

OK, maybe that was a little dramatic, but by now you’re probably sick of hearing about GDPR. It’s been a hot topic for over a year and despite its popularity, the water is still very murky. After reading countless regulation documents filled with legal jargon, you’re still no closer to knowing what it means for your business and this red flag seems to be a permanent fixture within the office.

To turn this red flag green, we’ve compiled all the information you’ll need to ensure that you’re GDPR ready. Our master code breakers here at Prototype Creative have deciphered the GDPR enigma to come up with a secret weapon – a jargon free GDPR Compliance Checklist.

What is GDPR?

Besides a world wide leading cause of baldness as CEO’s and business owners alike franticly pull out their hair. GDPR, or General Data Protection Regulations, is the set of rules decided upon by the European Parliament and Council, which dictate how companies store and protect the personal data of EU citizens.

The main thing you need to take away from all this commotion is that people now have to opt in to receiving any kind of contact from your organisation. This doesn’t sound like a big deal until you realise the implications that these new data protection laws could have on your marketing plan and outbound communications. Adjusting your communications is key and luckily we’ve got some tips here too.

Can I contact them about anything once they opt in?

No. The new regulations stipulate that the data acquired from opt in forms (the only way data should be acquired) can only be stored, and used for the exact purpose that is agreed upon by the customer. For example, if your customer has only actively registered to receive product updates you can’t then contact them with all your promotions and marketing material.

It’s simple really, be clear in what you want your opt in form to include to get the information that you need. Read it, check it, test it.

What constitutes as personal data?

When you think of personal data you would be forgiven for thinking this just applies to names, addresses and phone numbers. However, we are operating in a digital world and the GDPR recognises this. IP addresses and cookie data will also be considered as personal data and need the same level of protection.

Are you protecting all the data you should? Check the below list of data types.

  • Basic identity: names, addresses, phone, ID numbers
  • Web: cookie data, IP addresses, location
  • Payments: wireless, RFID tags
  • Physical: cultural, racial, ethnic, health, genetic, sexual orientation
  • Physiological: religion, political views

Which communication platforms can I use?

You can only use the forms of communication that the customer has selected to be contacted by. Therefore, if the customer selects email only you can’t pick up the phone and call their mobile for a chat.

What happens if I accidentally break the rules?

The big wigs in GDPR office are aware that there will be mistakes and slip ups and as such a warning system is to be put in place, but don’t push it. With penalties, of up to €20million or 4% of an organisations world wide turnover for repeated or large violations, its really not worth the risk.

How do I word my opt in form?

With clear wording that’s to the point. None of this, “I un-tick this box to declare I want to miss no promotional information” spiel to try and bamboozle the reader. Read it yourself, is it clear and will it be clear to your customers?

Do I need to update my GDPR privacy policy?

Yes. Whether you’re a big conglomerate, a small business or even a blogger with a database of readers, you need to update your privacy policy. Your new privacy policy must to state how you aim to protect and store your customer’s personal data. Here’s a link to our privacy policy to give you an example.

What about my existing database?

If you haven’t already, act now! Also known as permission passing, send an email to all of your customers informing them of the GDPR changes and if they would like to continue receiving promotional material to opt in.

If they opt in then great, save their details, but if they opt out or even if they don’t reply then delete them from your list. After 25th May 2018 you will no longer be able to contact them, so do it now.

We advise the adding a pop up that appears when people visit your website, again, informing them and prompting opt in. If you would like help with this let us know.

Is cold calling a thing of the past?

This is going to receive one of two reactions. You’re either going to be inspired to run naked through the streets spreading the word. Or, if your main comms plan is cold calling, you’re going to be inspired to throw your computer through the nearest window. Cold calling, cold unsolicited emails and spam without permission, its all dead and buried, gone, never to be seen again.

Like we said, it’s time to adjust.

Here’s how…

Build your profile

The age of casting a wide net and dragging up all sorts of leads kicking and screaming from the depths is over. Let the age of attracting targeted hot leads with juicy irresistible bait begin.

Improve your digital marketing by creating PPC, SEO and content strategies. Focus on your digital presence, your website and social media, pack them with all the information your target audience needs to inform themselves about your industry as a whole, and not just about your company and your products. Create an informative and interesting blog that offers useful content to the reader and include helpful call to actions like “if you need help with this we can help – get in touch.”

This really does work! After all you’re reading this blog aren’t you? Consequently, if you are struggling to build your profile we can help – get in touch.

Hit enter to search or ESC to close