With the new EU data protection regulation coming into force next month, many businesses are understandably questioning what it means for them. The issue isn't a short-term one; the impact of the GDPR will be ongoing long past its introduction on 25 May and will affect practically every aspect of a business' activities.
While it might be hard to predict exactly what the aftermath will be (we're not clairvoyant after all!), as a business intelligence provider we've been monitoring the situation and have therefore been able to determine what the likely trends will be going into 2019, as a direct result of GDPR principles.
The EU general data protection directive demands that organisations go to greater lengths to gain consent from data subjects in order to collect their personal data - and this now includes things like IP addresses, cookies, and biometric data such as fingerprints. Individuals must be told exactly how their data is being used, who's using it and the length of time it will be held for.
Clearly, this has big implications for businesses that use personal data belonging to EU citizens (and this is likely to include UK businesses even after its exit from the EU). GDPR fundamentally changes the approach to practically every business facet, with the main impacts being:
When the new European data protection regulation comes into force, it's estimated that a shocking 75% of all marketing data within the UK will become unusable. This, along with the other additions to data protection law, will mean big changes for your sales and marketing department. For example:
No cold emails - The days of purchasing email lists for consumers are dead and gone thanks to GDPR. Things for B2B are a little less bleak - you're still able to reach out if you can prove there's a legitimate interest, but this is likely to mean you'll have to have had some prior contact with the prospect in order to show how the business relationship has evolved.
Double opt-ins - In order to be able to add a prospect to your email list, you'll need to ensure that they've not only given their consent in the shape of a filled out form or checked box, but also by clicking on a link in a confirmation email to show it was them.
Limited personalisation - Targeted marketing will also become much harder thanks to the new legislation since monitoring individuals - including their online activity - can no longer be done without clear consent being given first.
The IT department is integral to ensuring GDPR compliance, for obvious reasons. The new regulations will mean a number of changes for the department, such as:
Data processor - While current legislation places responsibility solely with the data controller, under GDPR law processors will now also be liable for any data breaches, and will need to have a binding contract drawn up between them and the controller.
New systems - The new regulations will mean that companies need to establish new systems and processes in order to be fully compliant in the way in which they collect, store and process personal data. For example, if your company records phone calls wherein the personal information is shared, you'll need to reassess how it's stored, and for what period of time.
Security - It's vital to make sure the personal data you're holding is safe from potential loss, damage, or theft. This might include things like encryption or pseudonymisation in order to meet the technical security measures imposed by the GDPR.
While much of the onus for remaining compliant will be on the IT department, it’s important to remember that long-term, it will be a company-wide issue, with every department being aware of their individual responsibilities.
Even the human resources department will be impacted by the new directive…
Handling staff data - Consent will be needed in order to process personal data belonging to employees, and this means more than simply signing a work contract as the balance of power lies mainly with the company in that situation.
Recruitment data - The new legislation states that companies can only keep personal data for as long as is absolutely necessary and no longer, and this will apply in the case of job applications - candidates' information will need to be deleted as soon as the process is over, unless they've given you explicit consent to hold onto it.
Training - All staff should be adequately trained in order to fully understand the GDPR principles, not only to ensure compliance but also so they are able to spot a data breach and know how to report it properly.
What are the general trends relating to GDPR going to be for the next year?
In order to collect, process, and store personal data in the most efficient way possible whilst remaining compliant to GDPR, organisations will be in need of flexible tools and systems. In order to make the issue of compliance much easier, it makes sense to hold related data in one place wherever possible, which will mean new integrated tools becoming more in demand.
With GDPR laws in full effect in 2019, along with the vast amounts of data being produced every day, data governance will be an essential aspect for every organisation - more so than ever before. With unified rules such as the GDPR, companies can enjoy greater transparency and a more easy-to-follow directive for remaining within the law.
According to research from the International Association of Privacy Professionals, 28,000 data protection officers will be needed in order to meet the needs of organisations following the introduction of GDPR.
Early evidence supports this view; job ads for DPOs on Indeed.co.uk have increased by over 700% in recent months, which - while a good thing for data professionals - could pose a problem with staff shortages likely to occur.
With consumers becoming more aware of their rights when it comes to data privacy, thanks to double opt-ins and explicit consent becoming commonplace, 2019 is likely to see a greater level of unsubscribes. The only real way to avoid this is to offer valuable content to your audience to ensure they remain interested in and engaged with your brand.
One of the more positive things to come out of GDPR will be the need for marketers to revert back to more creative ways to engage their audience. No longer can businesses rely on their email lists or targeted marketing - instead they'll need to go back to basics and come up with interesting campaigns to grab attention.
Video is likely to play a pivotal role in this; it's estimated that it will account for almost 80% of global mobile traffic in 2019, and is set to become one of the biggest disruptors in the marketing industry.
While influencer marketing is already commonplace in the industry, it's become somewhat overused and synonymous with social media stars cashing in on a quick buck. However, the fact is, it does work; a 2017 report from Pardot found that 94% of organisations that have used influencer marketing were happy with the results.
With marketers looking to use proven tactics amidst the downfall of direct and targeted marketing, it's likely that a more promising return to influencer marketing will be had, provided they can get over the challenge of regaining consumer trust.
With very little space for targeted marketing under the GDPR directive, businesses will be looking to find new ways to personalise a lead's experience with their brand. VCAs are a great way to do this, and it looks like they're here to stay - research from Gartner found that by 2020 25% of customer service operations will use them by 2020 - up from less than 2% during 2017.
While much of the attention surrounding GDPR has been on consumers, it will also affect B2B operations - although to a lesser extent. Personal data of employees such as work contact details will be protected under the new regulations, but that still leaves a vast amount of valuable business data that can be used to personalise your approach to a company, qualify business leads and perform background checks on other companies.
Business intelligence provider Global Database has created a buzz around this topic by recently opening up their UK company data - making records on over 4 million businesses free to access and use. These insights include things like profit and losses, cash flow, technologies used, employee headcount, structure and ownership, website traffic, and more, giving you a complete overview of any business across all industries.
While it can be difficult to predict exactly what impact the implementation of GDPR will have by 2019, there are plenty of early signs that point to these trends coming to fruition. In order to be prepared no matter what happens, you should make sure to gain a full understanding of GDPR legislation, and develop an inter-departmental approach to remaining compliant and adapting your activities as things develop.
To get ahead with your B2B marketing, visit us at www.GlobalDatabase.com