GDPR Compliance deadline is fast approaching
Its only a month away until one of the greatest changes in data protection law occurs – the General Data Protection Regulation (GDPR). This is a regulation that not even Brexit can prevent.
The UK government, EU and Information Commissioner’s Office (ICO) have taken great action to warn organisations and businesses about the changes they need to make in order to comply.
Studies are showing that even at this late stage many firms are lost or doing very little to meet their new obligations – even in the print industry. As John Noble, director at Pro-Active Business Information, notes: “The sector has had mixed reactions, but many are viewing it as a major hassle, with few being fully prepared – even though most are aware of it.”
And Peter Thomas, managing director of DLRT, part of the Tall Group, thinks along the same lines: “The GDPR has been well flagged. The ICO has done some great work promoting it across the multimedia platforms and via roadshows. No one can use the excuse that they are not aware of it.”
GDPR and the Print Industry
The chairman of the Independent Print Industries Association, Mike Roberts, states that businesses within the print industry are right to be concerned about the impacts of GDPR changes as it will impact on the ability to contact customers. However, He suggested that the “industry was relieved that in January 2018 the ICO ruled that marketing activities are able to continue without explicit permission needed for email, text and telemarketing”. He also said that “this was positive as it kept a core channel open to keep in touch with customers”.
From his perception, this industry is worried about legitimate business promotion in a highly competitive market space.
According to Debbie Dowler, Quality and Compliance Director at Tall Security Print, part of the Tall Group. She is pleased that “the rules and regulations laid down within the Data Protection Act 1998 and the obligations we have under ISO 27001 are being added to in this new legislation.” Her view explains how the Tall Group see GDPR as an extension in the way they have managed sensitive data over many years.
Complying to GDPR is a reflection of how businesses and market places are changing. Personal information and data is a key driver in everything we do. Its at the heart of most successful organisations and it integrity must be protected. Peter Thomas adds, “does the new law go too far? If business prepare themselves and act responsibly they have nothing to fear”.
Is GDPR all that bad?
Mike Roberts believes that GDPR in the long term should vastly improve target marketing – which is much more effective for companies with limited marketing budgets. His hopes are that huge scale marketing campaigns are replaced by creative, quality, targeted promotions. Research from Royal Mail: “Mail in Uncertain Times showed that 87% of people consider mail be believable. The same research found that only 48% of people thought email was believable.”
The whole purpose for GDPR is about personal control. For James Kinsella, e-commerce director at Route One Print, GDPR means “the consumer will have more control over their personal data and a better understanding of why companies are collecting this”. Roberts, strongly advises that companies should proactively contact their customers prior to the law changes on May 25th – as once this date has passed it will be too late. The data protection element of GDPR is highly important, especially with a significant rise in Cybercrime.
Will GDPR hinder marketing campaigns? Mike Roberts, doesn’t believe so. His thoughts are that many younger marketeers only have experience in digital marketing channels and very little knowledge in printed media – this makes them naturally wary.
He suggests, that GDPR is driving real changes in how a company can contact its customers. By electronically reaching out to customers who have “opted in”, they will only be able to contact the people interested in their products or services.
Kinsella, feels GDPR will make a difference. With Google searches for GDPR increasing 400% in the last 90 days, businesses are taking this seriously.
Firms who look at GDPR positively can benefit from the real opportunities it may bring.
Mike Roberts has seen a significant rise in direct mail enquiries as businesses had moved away from print or led with digital methods to keep in touch with their customers.
Kinsella thinks the same, while the laws on digital marketing are tightening “there is a more relaxed approach to print marketing” as a result of legitimate interests. He adds that “based on this we’re expecting to see a rise in the use of printed media (direct mail, door drops, etc) as a marketing method.”
Royal Mail’s own research suggests that 86% of people are connected with a company through direct mail and 13% more consumers visited a website when direct mail was part of the campaign.
Saying that, Roberts indicates that unless your campaign is targeted at a well-defined audience with a clear message, your mail won’t make an impact.
According to Kinsella: “Becoming GDPR compliant shows your commitment to your customers and their data. It is another opportunity for people to engage with your brand and see you as a trustworthy business who wants to handle data correctly.”
For those in the print industry retaining data, it is crucial to take an interest in GDPR and how it will affect your business. It is important to review what data is being stored? are you storing unnecessary data? Are you keeping the data for longer than required? When was the last time the data was updated?. When you have done this make a note of any areas of risk and what actions must be completed before the 25th May.
It is equally important to consider the need to obtain explicit permission, meaning that many businesses must change the way they opt people into any marketing communications. James Kinsella says, “simply look at the ways of gaining consent and make sure they meet new requirements”. Also “look at how any personal data you manage is protected and how you would handle a breach”. To this Dowler adds a rider: “Make sure data is held for a valid reason, that you have consent to hold it, and that it is held in an appropriately secure fashion with the appropriate flags where necessary.”
All corporations must educate employees on the new regulations before May 25th, non-compliance will be a punishable offence and could lead to a significant fine.