If it feels like talk about GDPR is everywhere these days, that’s because it is.
With the European Union’s new General Data Protection Regulation (GDPR) set to go into effect May 25, people across all lines of business and industries are buzzing about what these new rules mean and what needs to change to ensure compliance.
B2B marketers are no exception. And while you might not be a stranger to regulations around email marketing, GDPR goes much further than the regulations currently governing marketing activities like CAN-SPAM laws.
So what exactly do you need to know about GDPR? And how can you prepare? You’ve come to the right place.
Getting Up to Speed on GDPR
First and foremost, let’s make sure you’re up to speed on GDPR.
GDPR puts in place data privacy measures for all citizens of the European Union by creating rules for how companies can collect and process personal data. For example, it requires organizations to have a lawful basis for processing personal data and grants EU citizens the right to request that companies provide access to or delete their personal data. Any company that collects or processes data about EU citizens, regardless of the company’s location, must abide by GDPR.
These regulations will replace the 1995 Data Protection Directive that currently governs data privacy in the EU and are meant to better reflect the data economy in which we now live. Consider IBM’s finding that 2.7 zettabytes of data exist in the digital world, with 5 exabytes of new data generated every two days. It sounds like a lot because it is. In 2016, IBM reported that 90% of the world’s data was created in the past two years alone.
Having that much data in play creates serious privacy challenges, especially when it comes to earning and maintaining trust with customers, vendors and employees. It’s exactly those challenges that GDPR aims to resolve.
What GDPR Means for Marketers
You know GDPR is coming and you know the reason behind it, but what do these new regulations really mean for you as a marketer?
The most important thing that B2B marketers (or any marketers for that matter) need to know about GDPR is that you must have a legal basis for processing (which includes storing) personal data about EU citizens.
Under GDPR, personal data covers any information that can be used to directly or indirectly identify someone. That list covers, but is not limited to: Name, address, location, online identifiers (e.g. IP address, mobile device ID), health information, income, cultural profile, religious beliefs, political party affiliation and trade union membership.
GDPR outlines six legal bases for processing personal data. The option that will apply to most marketers is consent. GDPR defines the grounds for consent as follows:
- People must explicitly opt-in to giving consent. Consent requires clear, affirmative action, meaning marketers can not use pre-checked boxes.
- Consent must be unambiguous, freely given, specific and informed.