You have probably been hearing quite a bit about GDPR - the European General Data Protection Regulation. What you may not realize is if you have European contacts that you interact with and store their data, you need to understand how that can potentially impact you via heavy fines. The biggest point of GDPR is protection of personal data - at a much deeper level than is practiced in the US. An individual is in control of their data - not the other way around, even to the point where they should be able to access and delete their data from a company's system.
Several organizations are now in the business of "helping" companies get ready for GDPR which goes into effect May 2018. There are several very good articles on what your organization can do to at least prepare. We will list a few good ones below.
One of the biggest impacts will be to eMarketing. Now you must have consent from a customer BEFORE you can send out emarketing - like this newsletter we are sending today.
In the mean time, the first thing you can do is make sure you have identified any European customers in your CRM or address book. We often see the country field not filled in on customer databases - and that needs to change. You need to ensure you have identified these customers and can take immediate action if one of them asks you to remove their personal data - which includes things like addresses, emails, etc.
We use Act as our CRM, but the tips we are going to suggest below should work in most CRMs.
- Create a group called European Customers and then define a query so that the customers show up in the group based on country.
- Try to identify as many European customers as possible. Not every email has a country code but many do, so we used a trick inside Act - we did a Lookup - Email - "ends with" and then searched for ".xx" where XX was the country code. A link below points you to a list of country domains.
- Be proactive and send out an email advising your customers you are aware of GDPR and are implementing procedures to be in compliance. Make that email your "bulk opt-in or out-out"email
- Update your CRM with the results and ensure that any other email database (such as Outlook) "matches"
- If people opt-out - remove their emails. Period. It can cost you a lot of money for a simple mistake.
- Determine if you really need to keep a contact's data in your CRM. If this is a "one off" purchase or you could recreate it again, delete the data.
May 25 is approaching soon. Do not delay in making your contact database GDPR compliant.
The attached links provide more information.
Country domains: https://www.domainit.com/domains/country-domains.mhtml
Microsoft Resource: https://www.microsoft.com/en-us/TrustCenter/Privacy/gdpr/default.aspx?&wt.srch=1&wt.mc_id=AID641639_SEM_3obxhTrA&gclid=EAIaIQobChMI9KWh2ufa2gIVBYppCh2ihwxjEAMYAiAAEgLu5_D_BwE
Getting email permission: https://thesocialeffect.com/gdpr-strategy-getting-existing-email-database-opted/