Privacy and data security is no longer a matter for just IT and legal teams. Sales & marketing play an active part in how data is generated and processed through our active lead generation and nurturing.
Just about everyone in marketing has now heard about GDPR and some people are actively working towards compliance. BusinessBrew is here to help with GDPR training, support and knowledge in clear language that will ensure you can run compliant marketing campaigns going forward.
We ensure that existing regulations like the ePrivacy directive (aka "The Cookie Law") are adhered to as well as the upcoming GDPR.
Simply put, by 25 May 2018 all companies working within the European market have to be compliant with a new set of data privacy regulations known as GDPR or General Data Protection Regulation.
The European Union accepted GDPR in April 2016 and aims to give individual more options to control how their data is held by organisations. The deadline given to companies to comply is 25 May 2018. In addition, you must have processes ready to handle data requests from any individual.
For some organisations (those whose core business entail processing personal data or those who are (part of a) governmental organisation, it may mean having ot appoint a Data Protection officer.
GDPR affects your entire organisation: IT and your systems, legal and of course marketing and sales. The bottom line, not only is there a lot to consider but you need to get started today to ensure your business is compliant well before the deadline hits.Read more about what GDPR means for inbound marketing teams here or read how you can get started working on GDPR compliant campaigns here.
If you don’t handle any data from Europe and are not based in the EU, GDPR won’t affect you. However, even businesses outside of the EU who handle personal data of data subjects who are in the Union must comply.
Now you ask, is this a good thing? Does it cause trouble for me as an Inbound Marketer? In our opinion, it is a good thing and if you stick to the inbound principles (#purist) preparing for GDPR compliance should be a manageable process.
"BusinessBrew's GDPR Workshop sheds a light on all the different nuances of GDPR. It helped put the marketing and sales team at ease about doing business in a new GDPR era and even be excited about what it brings." Hildur Smaradottir, VP Marketing
BusinessBrew specialises in getting sales and marketing teams ready for GDPR.
"Nikita took a complex and controversial subject and delivered a laid back, inviting and, of course, informative talk. GDPR is a subject which is filled with ambiguity and therefore her common sense approach was a breath of fresh air. We received great feedback from everyone we spoke to about her talk." Rikke Lear, Director
The GDPR affects the entire organisation. Marketing teams tend to get hit first as we collect, segment and analyse personal data every day.
Your marketing team has to be ready to take care of the following:
1. Handle requests from individuals to understand how their data is being held.
2. Be able to show how and when consent was obtained.
3. Allow individuals to withdraw consent easily and at any time.
4. Provide clarity to data subjects.
5. Provide language around your data collection and processes that is clear and written in normal (i.e. human, not law specialist) language.
6. Must execute requests from individuals “without undue delay and at the latest within one month of receipt of the request”.
7. Report a security breach “leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed”.
In short, marketing is for many organisations the first point of contact. Here, data is first collected and stored; most likely marketing will also work on the processes and responses to data requests and communication around data breaches.
We are ISO certfied GDPR specialists as well inbound marketing experts.
Here the background on our certification: The International Association of Privacy Professionals (IAPP) is the largest
It was important for us to get trained and certified so we can guarantee you we are up to date on best practices for privacy and data security when advising you on your marketing strategy.
We are uniquely positioned to support you in building ePrivacy/ PECR / GDPR compliant marketing campaigns because we combine our inbound marketing experience with data privacy insights.
The directive has been in place since 2002 and has been updated as a proposal text in January 2017 is by many marketers knows as ‘the cookie law but it covers much more than that. The Directive on Privacy and Electronic Communications (Directive 2002/58/EC and the 2009 update, Directive 2009/136) concerns electronic communications and the right of confidentiality, data and privacy protection. Electronic communication covers websites, email, text messages, advertising, apps, IoT devices...
PECR contains a specific set of rules for:
The 2017 update to PECR is good news for us marketers. It not only requires popular messaging systems such as Facebook Messenger, WhatsApp and Skype to adhere to the regulations, but it also clarifies some of the, previously more complicated, aspects of the regulation
On top of that, the EU is replacing the ePrivacy directive with a directly applicable regulation which means that we only have to deal with one set of rules instead of 28 different ones. Read more about the proposed 2017 update here.
You may have heard that you need a Data Protection Officer or a DPO under GDPR. This isn’t necessarily the case. There are three scenarios where you might need to appoint a DPO under GDPR if:
As you can see, most businesses don’t need to appoint a dedicated DPO. BusinessBrew can advice in the case you do not need a DPO or if your DPO needs support in translating policy into workable marketing activities.