What is GDPR?
GDPR is a vast EU regulation, updated from the original 1995 regulation designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy in an
The regulation affects many parts of the organizations, and there are several key areas to GDPR that must be looked at. The GDPR website provides a basic list of key changes.
Before continuing I must provide a disclaimer:
I AM NOT YOUR ATTORNEY. PENGUIN STRATEGIES IS NOT A LAW OFFICE. THIS BLOG POST IS NOT LEGAL ADVICE, NOR SHALL IT BE CONSTRUED AS LEGAL ADVICE OF ANY KIND. IF YOU THINK GDPR APPLIES TO YOU AND YOUR ORGANIZATION, YOU MUST CONSULT WITH YOUR OWN LEGAL COUNSEL FULLY FAMILIAR WITH GDPR.
Now that that is out of the way, and you know you should consult a lawyer, we wanted to share what we know about GDPR and practically, its effects on how we do inbound marketing and sales.
GDPR - Consent
The main part of GDPR that impacts marketing is the required consent to store personal information and consent to be contacted.
Consent must be clear and distinguishable from other matters and provided in an intelligible and easily accessible form, using clear and plain language.
The regulation also adds that It must be as easy to withdraw consent as it is to give it.
The Privacy
Most websites have a legal page. However, websites can no longer stick the Terms and Conditions and privacy policy tucked away in the footer, when an EU citizen visits your page for the first time.
They now must be greeted with a message that tells them you are collecting information about their visit and provide a privacy policy and cookie policy in plain and not overly legal language.
There must also be a purpose stated for collecting the information. Visitors must also have the option to accept or decline acceptance.
Permission for Future Contact
If your website has landing pages that
The form is where you capture personal information, which typically includes name, email, and the IP address, as well as a host of other web data that gets passed along with the form submission.
The general consensus, although there is no legal case yet to say otherwise, all forms must now contain a link to the Privacy
Forms must contain clear language that indicates the contact is providing information in compliance with the terms of service and privacy policy.
The exact language of that opt-in checkbox must be drafted in a way that consent is ‘freely given, specific, informed, and unambiguous’. Consult with your legal team for the exact language for compliance.
Reason for Collecting Data
As
GDPR though has a section on the reason and purpose for collecting data. This aspect is often
Some of the information you collect through progressive/smart forms might have been called "nice to have" per GDPR, each additional field such as "What products do you use?" or when is your next project" needs to be documented why you need that field, for example: "Sales requires that information
This can be documented
Only ask for the basics and
Right to be Forgotten
There are tons of important aspects of GDPR, but one other important rule is the right to be forgotten. On a top level, emails have ( at least they should have) unsubscribe links and that is one way a contact can opt-out.
With new GDPR regulations, a contact has the right to ask that the entire record
Most CRMS make compliance here easy. Hubspot
What to do Next?
As of this
However, from the marketers perspective, it is a significant change that cannot be ignored. With penalties in the 10’s of millions of Euros, the costs are too high.
by The Penguin Team on March 27, 2018
As a leading B2B digital marketing agency, We help B2B Technology Companies, enterprise software, and hardware companies increase brand awareness, reach more qualified leads and close more customers. Penguin Strategies is a Diamond Partner of HubSpot.