When you are using CRM in business (or collect customer data in other ways), it is important to stay current on data protection laws. This month sees one of the most significant changes to European Union (EU) privacy law in 20 years go into effect: the General Data Protection Regulation (GDPR). This new regulation gives EU citizens greater control over their personal data and how that data is used and protected, both in Europe and abroad. What constitutes “personal data”? More than you might think. According to GDPR, “personal data” refers to everything from name, email, address, date of birth, personal interests, photos, digital footprints, social posts, and more.
GDPR will replace the long-outdated 1995 Data Protection Directive. The legislation imposes new and stronger rules on companies, non-profits, governments, and any other organization that provides goods and services to individuals in the EU. No matter where in the world you’re headquartered, if your company sells across any of the EU borders, you need to comply with GDPR.
GDPR impacts both domestic and international organizations, big and small. Any group that uses a database to store prospect or customer information simply cannot afford to ignore the new regulations. This means that if your organization sells to anyone in Europe and stores customer information in a customer relationship management (CRM) system—and nearly 90 percent of surveyed businesses do store that information in digital databases—you must be GDPR compliant or face significant consequences.
GDPR is a fairly large and complex regulation, but it can be broken down into three main areas that businesses need to understand:
The good news is that while businesses are validating security and protection for their EU customers, those validation campaigns can do double duty of removing disengaged contacts from CRM business systems, prompting email marketing campaigns with a spike in both open and click-through rates.
You can do this by running a permission pass campaign, a one-time email sent to any contact with an unverified opt-in status asking them to confirm whether or not they still want to receive your emails. Running this campaign on all your email contacts—not just the ones in the EU—not only keeps you compliant with GDPR, but also cleans your database of those who are no longer finding value in your content, leaving you with those who are much more likely to interact.
Asking contacts to confirm their opt-in status feels risky—what if they opt out? —but it is truly the best and safest way to clean your contact lists and comply with GDPR.
With GDPR in full effect by May 25, 2018, now is the perfect time to comb through your CRM system and update data for compliance and better business returns. Not only will an up-to-date system keep you compliant, but your company has an extra measure of confidence in the accuracy of the data stored in your CRM.
It may also be the perfect time to upgrade your CRM … or install one for the very first time! Let PositiveVision set you up with the right system for the job. Contact us today!