How aware are you about the upcoming GDPR legislation and its implications for your business? I admit that other than having heard of it and knowing it was to do with changes to data protection, up until a couple of weeks ago I didn’t know much about it at all.

With the deadline of 25 May 2018 getting ever closer, I knew I needed to find out more. As a Virtual Assistant I have access to a lot of data, such as my clients’ CRM systems and mailing lists, and I want to go forward knowing that the systems my clients are currently using will be compliant. So I booked myself on to Penarth Management’s GDPR Awareness half day course… which proved to be extremely informative, and threw up quite a few points that are very relevant to my business.

The scope and complexity of GDPR is huge, but here are just three aspects that seem particularly relevant to anyone who, like most of my clients, uses a CRM system and/or mailing list software:

1. Impact on software solutions. Where is your data stored? If you’re using popular cloud based solutions such as Mailchimp, AWeber, Hubspot or Google cloud, the answer is almost certainly going to be in the US – and due to differences between European and US data culture, not all these companies are yet compliant. Some (such as Mailchimp) have published GDPR information on their websites; others have not. Penarth Management suggests contacting or researching any US-based companies you store data with to find out if they are going to be compliant by May.

2. Impact on marketing strategy. One line that jumped out at me was this: “For consent to be legal, it must be freely given (it cannot be conditional)”. Does this mean an end to lead magnets in marketing? (You know the sort of thing – download this free gift from our website, just input your email address here…). This is standard practice in list building these days, and one that will be affected by the GDPR. This is one area I definitely need to find out more about, so I can get clear on how lead magnets will need to work in future in terms of wording and delivery.

3. Impact on managing your existing lists. If the personal data you hold on past or present customers or prospects was acquired in a non-GDPR complaint way, you’re going to need to either remove those contacts, or get in touch with them all and re-establish permission – the ‘Do you still want to hear from us’ approach. You’ll also need to get specific about how you’re going to use their data and how long you intend to keep hold of it – and make sure that opting out is as easy as opting in.

The good news…
All this might sound like a bit of a headache – but in fact it represents an opportunity: a really good excuse to clean your marketing list and distil it down to data that is actually current, relevant and useful. Do you really need the email addresses of prospects from 10+ years ago – people who have perhaps never actually made a purchase or had any meaningful interaction with you? Your list may look leaner, but will be transformed into an engaged customer base who want to do business with you.

I’ve just scratched the surface of GDPR in this post. Want to know more? Book a course with Penarth Management here: