The new GDPR is here. Now what?

The new GDPR has been in force now for nearly three weeks. Are you already fully compliant?

Many companies have been concentrating on those matters of the regulation that stand out the most. The visible matters. So they're out of the way.

  • New cookie statement DONE
  • Privacy policy DONE
  • New data processor agreement DONE

Now it's time to give the less obvious matters, which may even be even more crucial, the attention they deserve. Just think of all the new rights consumers have and the security of data. 

 

 

 

The chance to use data more effectively
In the brand-new privacy statement you posted online on the 25th of May, you mentioned things like the consumer has the right to be forgotten, or has the right to access the data you store, and to have this access in a legible digital format. Have you already thought about how you're going to meet these rights. A good place to start is perhaps first mapping out where all the consumer data is actually being stored. While you're at it, you can make sure everything is safe and secure.

And it's a great chance to get to know your customers better. The chance to take a critical look at the data you're storing and what you really do with it. The chance to make new marketing choices and get much more out of that data.

The chance to make data more accessible for marketers
Right, so you now know where all the data is. What if a customer calls you tomorrow and demands to be forgotten in all systems?
What is your first step? You have 30 days to get it done. Are all processes in place to ensure all these new consumer rights can be met?
We've come up with a way to arrange this quickly for the Magento Webshop with one click on the keyboard. And many direct mailing businesses have also found ways to do this quickly and effectively.
But consumers are often stored in more databases than you think Deleting or anonymising them manually can be a solution that works, but you have to make sure the procedures are properly in place. And that you can prove to consumers that you have indeed forgotten their data.

 

 

It's a chance to take a closer look at data processes and use them more effectively. To collect all data in one system, so that all information is bundled per customer. This gives you, as a marketer, a total view of each customer, makes you more flexible and means less reliance on IT. Above all, you feel better in the knowledge that the communication with your customers is much more personal.

The chance to clean up the mess
Security is important too. And not just a secure server, but especially the secure exchange of data. Your awareness and that of your colleagues is crucial in this. Storing data securely means not storing or collecting any more data than is needed.

Go through everything with a fine-tooth comb. Map out what data you store and why, where the data comes from and what you'll be doing with it. This is your chance to narrow things down. Less static. It makes marketing choices easier and quicker. Set basic rules. For example, how long do you store data of customers who haven't ordered from you for four years? What do you do with someone who hasn't opened your newsletter in the past two years?

The chance to gain back your consumer's trust
This is probably your biggest opportunity. In essence, the new GDPR isn't about making sure you comply with the law. The new GDPR is a chance for you to show consumers that you are able to handle their data carefully and purposefully. Not just collecting data because you can, but because you have a clear purpose for the data.

Not sending emails to consumers because the law allows it...kind of. But emailing them because consumers actually want to receive information from you. That should be the basic principle. Using the available data purposefully and personally, and therefore effectively. Consumers will see and notice that we, as marketers, really know them and put their data to use in a secure environment. Consumers entrust us with their data and allow us to surprise them with it.

That is the essence of the GDPR.

Do you have any questions about this? Get in contact with Evelien Schrijver, +31 (0) 252 7502 75 or evelien.schrijver@kega.nl.