By Katie Grant
If you find yourself feeling lost hearing this acronym thrown around the office, you’re not alone. GDPR is the latest buzzword making waves across the global marketing community - but what exactly is it? To learn more, we turned to our newest Inbound Strategist, Katie Grant.
Katie comes to us from a health-technology company in the UK where she was working when GDPR first came into play. She was in the real thick of it as she worked with her company to figure out how to refine processes and become compliant.
In this blog, she explains what she's learned and how New Zealand businesses can apply those learnings to their own marketing processes.
Quick definition - what's this buzzword all about?
Haha! It’s not a buzzword - it’s a new law!
The General Data Protection Regulation, aka GDPR, is the new data privacy law that replaced its outdated predecessor (the Data Protection Directive or DPD) as of May 25th 2018. Basically, this new regulation enhances the protection of the personal data of EU citizens and makes organisations who collect or process personal data more responsible for how they obtain, hold and utilise that information. It's much stricter than the DPD - if you’re found to be noncompliant you can be punished a max fine of up to 4% of your company's global turnover or 20 million euros (whichever is higher).
Think of it this way - the trade of information is now like the trade of money. If you take someone’s information and use it in an unethical way without asking them, you’re breaking the law. The same as you would if you took someone's money without asking, held it in a sketchy bank account and then spent it on illegal items.
This is what makes business owners feel afraid - companies have never been held so accountable for marketing, but now that it’s a law, businesses really need to reevaluate how they obtain, hold and use their customer's information.
GDPR is an EU Law - so how does it affect my NZ business?
If you market or sell to anyone in the EU or UK, on or offline, then the GDPR will affect your business. Online commerce is borderless so if you sell into the UK then you need to be operating in a GDPR compliant way. If you're capturing new leads from customers in the EU or marketing to existing ones, then you definitely need to get up to speed with the new rules - asap!
Even you're a local business or operating internationally in other markets outside the UK and EU, it's wise to start adopting GDPR best-practises now. The GDPR has had such a profound effect - our pick is that a law similar to GDPR will eventually be passed in NZ. So now is a good time to get a head start!
Establishing compliant processes may sound like an overwhelming task for small-medium business owners, but if you’re using the HubSpot inbound marketing methodology, you’re probably already more compliant than you think you are.
Inbound marketing and GDPR
Conveniently, the philosophy and practice of inbound marketing and GDPR go hand-in-hand. Look at it as a way to become even more empathetic towards your future and current customers, ensuring each touch-point they have with you is GDPR compliant.
When we create and execute an inbound marketing [link to inbound marketing pillar page] strategy, we consider how we obtain data from new customers - how they initially engage with a brand and what they benefit from giving us their information. When they give us their data, we are confident that they clearly value our offering and want to engage with us further. And we can record the customer's whole journey through the lead generation process - which is perfect to call on should a company ever be audited.
We think about contact lists, opt-in- opt-out, social media retargeting, mailing lists, nurture journeys for campaigns - how do we ensure our nurture journeys aren’t exploiting our customers?
The best place to start is with an audit of your contacts. Go through and see who is not engaged at all and stop sending them information. Keep engaging with those who are highly engaged and find the people who are somewhat engaged and ask them to opt-in/opt-out.
Tip: did you know that there's a setting in HubSpot to select 'do not send to contacts with low engagement'. Look for it before you hit 'send' on your next EDM!
This might be hard for businesses - asking if your customers actually want to get your emails is scary. Could this be damaging to my brand? Quite the opposite. In fact, by doing this, it builds trust in your brand.
You should also see it as a way to streamline your marketing. It’s an opportunity to refine your personas, factoring in GDPR considerations when you create and plan your content.
Key takeaways for becoming compliant with GDPR
- Start today: Do an audit of your marketing data to ensure you're engaging appropriately with your prospects, leads and customers NOW.
- Turn on GDPR settings in HubSpot: Yes! There is a centralised place to automatically enable GDPR-compliant features throughout your account.
- Delight your prospects, leads and customers with privacy-empathy: Empathise with the people you're communicating with and earn their trust through GDPR-standard, best practise communications.
To learn more, check out these resources or contact our team!