With 2018 content marketing plans already underway, there are changes that may alter your approach this year – compliance with GDPR. To get GDPR-ready and learn about NetLine’s next steps, take a look at the top changes that will affect the B2B marketing industry.
1. Collecting Consent and Communicating Privacy Information
For content marketers, this is the foundation of compliance – users must have clarity on the type of content they are signing up for. The goal of GDPR is to ensure that EU citizens and residents are in control of what content they receive in exchange for their personal information, and understand what happens after they submit their data to a business. This means that users must be able to provide “unambiguous” permission; rather than simply provide an opt-out checkbox, an opt-in is required that makes it clear what types of messages users will receive.
Privacy policies should be updated to reflect compliance with GDPR and revisited every year. A compliant privacy policy explains with specificity what users can expect to receive from the business and how the business intends to use the information that is gathered. GDPR emphasizes the notion of Privacy by Design which requires marketers to consider privacy before collecting data rather than afterwards. NetLine’s current privacy policy states that someone who registers for content from any one of our content providers automatically authorizes contact from these providers. The updates to this policy will make it even clearer to users as to what they are agreeing to when they choose to download content.
2. User-Rights Over their Data
GDPR also has provisions that empower users to ask businesses for visibility into whether or not their information is being used, and if so – how, where, and for what purpose. Marketers should be able to provide a user with a copy of their personal data in a manner that is free and readable for the requester. For marketers, this means ensuring that records were kept properly and that they can be provided to a user if requested. GDPR also addresses rights of users to modify their record. Users should be able to unsubscribe or update their messaging preferences; many businesses and emailing platforms provide links to do this manually.
NetLine offers customer-service managed processes in addition to “unsubscribe” capabilities that help users to update their information. These functions are being streamlined to make the process even more accessible to users.
Beyond preferences for receiving messages, GDPR provides users with the right to request that their personal data be removed from databases altogether. Known as the “right to erasure” or “right to be forgotten”, businesses are required to remove data from their systems upon a user’s request. NetLine will comply by promptly acknowledging and carrying out erasure when requested.
3. Data Management
Contacts acquired and retained by businesses prior to GDPR must be compliant with the new collection requirements. All records in a business database must be opted-in appropriately, with consent pursuant to GDPR. This means keeping a record of “provable consent” that would be tracked via CRM and includes information on how long data will be retained, plus when and where consent was given. This means marketers need to revisit their lead retrieval forms and fielded questions within gated content to ensure they continue to gather the required information. We currently keep a log of that data, including date and time that the user opted-in and their IP address.
When it comes to data security, GDPR requires that businesses report a breach to the appropriate national supervisory authority (by country) within 72 hours of identification. Users whose data has been compromised must be timely notified if there is a possibility that the breach is, “likely to result in a risk for the rights and freedoms of individuals”. To comply, businesses need to implement or update policies and procedures that address those scenarios.
4. Think of your audience first
While GDPR is an EU regulation, the implications are global. Because email is a ubiquitous marketing tool, it’s inevitable that GDPR compliance affects non-EU focused businesses. The degree to which businesses are impacted by GDPR will vary, but the consequences can yield long-term benefits to users and marketers alike. An empowered audience enhances the value of quality content and the intuitive vehicles that deliver it.
We encourage you to jot down these top four items and swap notes with your current vendors to ensure they are taking actions to comply with GDPR. And if you have any questions about how NetLine is protecting our clients, don’t be shy! Contact us via the form below.