10 Things You Need To Know About GDPR
You’ve almost certainly heard about the GDPR, a European Union law enacted in May 2018 that imposes strict obligations on the way a business uses the personal data of its customers. GDPR stands for General Data Protection Regulation, and it lays out the ways in which businesses are required to be transparent with their customers, collecting only necessary information. It also lays out the liability for keeping customer data secure, and the penalties for breaches are severe.
What do you need to do? Well, if you have customers who are EU residents, you need to be following GDPR with these customers at least. However, many consider the provisions to be “best practices” that all companies should be following.
Top 10 GDPR Points
Next, learn more about GDPR and what is required. Here are the top ten aspects of the law:
- Mention consent in simple terms, and if you are using data for different purposes (i.e., for selling your own products vs. renting your list to someone else), collect separate consents. Be clear about why you are collecting data and what you will use it for.
- Consent is a voluntary affirmative action – pre-checked boxes or pre-filled fields are out. Double opt-in is required to obtain consent when collecting data.
- Collect sensitive data such as race, ethnicity, religion, etc., only when you have clearly informed your customers and can provide a clear reason why the information is necessary for you to serve them.
- Personal data collected can only be used for the purposes you clearly stated – if you want to use their data for another purpose, you must inform and obtain consent.
- Changes to privacy notices must be sent immediately to users.
- Customers can restrict the processing of their data if they have an issue with the information you have or the way you handle it. You must appropriately respond to restrictions imposed by customers.
- You are responsible for safeguarding your customers’ personal data. In the event of a loss or breach, you must inform customers immediately. No third parties are allowed to access your
- stored data at any time.
- You must allow users to opt out of any or all services at any time.
- An individual can demand the deletion of any personal data they feel is not being used appropriately.
- Customers must allow users to access their own data in a readable format so they can download their information at any time through password-protected files.
Three Ways to Benefit from GDPR
Even if you are not required to follow GDPR, there are advantages to putting at least some of these practices in place:
- The transparency in this marketing approach will gain trust and goodwill from customers. In turn, your email engagement rate will increase and you should experience higher conversions, increasing your marketing ROI
- GDPR puts a focus on data privacy and risks. In the ever-increasing role that cybersecurity is playing with all businesses, this is a good thing.
- Improvements in data management are long overdue. Adopting GDPR will enable you to detect and get rid of redundant, obsolete and trivial files that your organization retains, even though they have no business value.
The good news is that your CRM system likely has added tools that will help you become GDPR compliant. Here is two examples, of how Zoho CRM is helping its users understand and manage GDPR’s requirements.
At AspenTech CRM, we’ve been helping our clients, both with and without EU customers implement GDPR. We’ve spent more than two decades working with companies to create CRM systems that follow best practices in marketing and data management. Give us a call today at (866) 880-4228 or click here, and let’s put your company on the right track.
Please follow us on Twitter and Facebook for more CRM & business insights.
Related Articles:
Arm Management with Reliable Data
Business Goals & Segmentation
The What & Where of your Data
