GDPR is sending people running for the hills! After years of being used to working with the Data Protection Act, the game is changing and people are unhappy and confused.
One of the main issues fuelling the confusion is undoubtedly the BREXIT process. GDPR is effectively a European law, designed to unify and tighten data protection law across the region. In theory all that will happen once we leave the EU is that the law will just be adopted. Whether that will happen in practice is still to be seen.
How will GDPR affect B2B marketers?
For years marketers have understood that Consumers and Businesses have been treated differently under the Data Protection Act. The big change is that when GDPR comes into force, all data will come under the same principals making all contact details and data, business and consumer, the same.
There’s no need to run for the hills
While this change is a major for B2B marketers it not the end of the world. The Direct Marketing Association has come to the rescue with some clear guidance on how to handle B2B data after 25th May 2018, when GDPR takes affect. Here’s what they have to say:
- The GDPR applies if an organisation is processing personal data
- B2B marketers use personal data and therefore the GDPR will apply to them too
- Corporate email addresses and other contact details are personal data
- In fact the GDPR definition of personal data is broad and includes cookies and IP addresses
- The GDPR does NOT state that organisations need to obtain an opt-in consent for their marketing
- The GDPR lays out 6 legal grounds for processing personal data. All are equally valid.
- B2B marketers will be able to make use of the legitimate interest legal ground for their marketing activity in most instances.
- Legitimate interest is a subjective legal ground so an organisation must justify their activity and consider the privacy risks for data subjects
- Consent is black and white. It is a yes or a no. However, it is a robust standard which may be hard to achieve. If it is, the ICO have said legitimate interest might be the better choice.
- GDPR is the overarching framework but there are specific rules for the marketing sector from PECR, which is being revised and will become the ePrivacy Regulation in the future
That all seems pretty clear to us, for more clarification its definitely worth checking out what the DMA have to say, they have a great email alert system which will help you keep up to date with GDPR as it develops. You should also take a good look at what the Information Commissioners Office has to say on GDPR in their guidance notes.