The countdown has begun… with 30 days to go before the GDPR comes into force, Media Maze shares some top tips for fellow Digital Marketers who are wondering where to begin.
The official GDPR deadline is fast approaching; as of 25th May 2018 the regulation will come into effect and change the way in which consumer data is controlled forever. That means that there’s only one month left for data handlers to make their collection strategies compliant and provide justifications about why they require certain pieces of data at all.
Media Maze is currently well underway with its efforts to ensure that all of our operations are GDPR compliant before the deadline comes around. So, we want to share some top tips about what Digital Marketers can do to make sure that they have covered all bases before the 25th May.
Clear, unambiguous Content is Vital
The primary purpose of the GDPR is to ensure that organisations are transparent and unambiguous about why they are collecting their customers’ data and what they are using it for. Marketers should use clear language and avoid legalese at all points in the data collection process. This way, users will know exactly what they are giving their permission for and organisations will be acting in a compliant way.
Users Must Opt-in rather than Opt-out
All opt-in boxes must be un-ticked by default in order to remain compliant with the GDPR. Permission to communicate with consumers must be “freely, given, specific, informed and unambiguous” meaning that consumers must actively tick the box next to any given statement in order to show that they acknowledge and agree with it. In addition, all content must be unbundled, meaning you have separate statements and tick boxes for each agreement that you need to gain consent for, rather than merging multiple points into one statement.
Start keeping a record of every individual that has provided their explicit permission for you to contact them or use their data in the way you have outlined. After 25th May this will become a legal requirement.
Manage Opt-out Requests
All organisations will have to withdraw and destroy any personal data of a consumer that has requested to have their information removed from that organisations database. To do so in a compliant way, you’ll need to have a system in place for when such data requests come in. This means you’ll need to run an audit of your current procedures to determine whether you need to update them to facilitate data erasure requests.
Appoint a GDPR Expert
The GDPR has been in the pipeline for over two years now although it’s likely that the regulations will evolve over time to better protect consumers as technology advances in the future. In order to ensure that your organisation stays on top of such changes as well as the policies coming into effect this May, it’s a good idea to appoint somebody within your company that is in charge of data handling and regulation. This tip is more likely to benefit medium to large sized organisations that will be holding extensive archives of consumer data but for smaller establishments, like Media Maze, that may not have their own IT department, it is still useful to have somebody in-house that is informed on the GDPR and who can oversee the necessary processes to become compliant.
Through research and action, we’ve discovered that it’s not as daunting as it sounds and with the clock ticking down, it shouldn’t be deferred any longer. After May 25th you could face large fines for not operating in compliance with the regulations so it’s worth tackling it now rather than a few days before the deadline. Read – up, prepare and most importantly, start, and you’ll be GDPR compliant in no time.