However, breaches are taken seriously and penalties are being paid with bigger businesses taking the brunt of the fines. Almost two years on, the GDPR regulators across the EU have been flexing their muscles. British Airways received a meaty fine of $225.16m for a data breach, Marriot International had to cough up after they allowed the personal data of 339 million guests to be stolen and Google had to hand over $55 million due to an unclear data consent policy. Smaller businesses must also note that they are not off the radar – as the legislation beds in, fines are increasing in regularity.
Whilst businesses are mindful of the regulators knocking on their door and discovering misdemeanors, also noteworthy is that consumers are becoming much more data savvy. They are aware of their rights and expect them to be upheld. BUT, and here’s the conundrum, they also want a streamlined customer experience when they’re online, which demands the use of their data… Those marketers with effective GDPR compliance embedded within their systems and processes have nothing to fear, and in fact can reap the rewards of successful campaigns.
GDPR in its current form is in place to protect the public from having their data misused but doesn’t go far enough, according to regulators. It’s not entirely clear when new regulations will be issued, but word on the street is that ePrivacy Regulation(ePR), derived from the 2002 ePrivacy Directive, will come into force in 2020.
ePR could well contain controls of website cookies and other tracking technologies. The intention is to combat spam issues and behavioral advertising by requiring complete transparency and affirmative consent. We could see technology platforms such Skype, Facebook and Google (just to name the ‘biggies’) face ePrivacy reforms.
And what of the B Word? How will Brexit affect the UKs compliance of both GDPR and ePR? According to the GOV.UK website, Government guidance states that there will be no immediate change to the UK’s data protection standards after Brexit; GDPR will be brought into UK law.
What we do know is that CRM systems, used effectively, can help to maintain successful GDPR compliance AND allow the provision of targeted marketing campaigns for both the B2C and B2B markets. In fact, CRM lends itself to following the regulations. Successful marketers will want to target only those that really need/want/desire a product or service and GDPR legislation demands that data is only used where there is a legitimate reason for doing so, providing information that the citizen will appreciate.
Data collection within CRM will allow a host of options for consent management – only those that want to be contacted will be. And it’s also possible to specify exactly what types of communication they want to receive and how they want to receive it. If they’d like a newsletter, sent via email, then that’s what they shall receive – nothing more, nothing less – a gift to email marketers…
Additionally, the CRM can separate information that is available to all within an organisation and that which is more sensitive, such as financial and contract data. And if/when regulations, such as ePR, come into practice, amendments to the data can be made in bulk via the CRM.
To conclude, GDPR is here to stay, data protection legislation will be widening its net, and CRM can help businesses remain compliant AND improve their marketing!
Find out more about how you can use CRM to remain GDPR compliant here https://crm.sparkstone.co.uk/gdpr/
Botley Mills, Mill Hill,
Tel: 01489 795000
©2020 Sparkstone technology | VAT No. 849 5490 77 | Registered Company No. 5137395