We’ve Got New Rules, Don’t Doubt ‘Em

In an attempt to inject some lightheartedness into GDPR (no easy feat!) we thought we’d have a go at addressing some of the regulation’s key changes…by reappropriating Dua Lipa’s recent hit, ‘New Rules’.

I’m sure Ms. Lipa never envisioned her song being used in such fashion, and might well be appalled… Anyway, let’s delve into these new rules in a bit more detail.

One – Do pick up the phone, but if they’re on TPS then leave them alone

It clearly states in guidance from the ICO that individuals are still able to be contacted via telephone using Legitimate Interest as a legal basis. Consent is not strictly needed. However, an LIA must be carried out which concludes that you have a legitimate interest in contacting said individual, and that they equally would have an interest in hearing from you. Likewise, it goes without saying – if they’re registered on TPS then put that phone down.

Two – Don’t let bad data in, you must do your due diligence

Despite concerns over the use of 3rd party data post-GDPR, as long as the data has been collected correctly, in a transparent manner – and is GDPR ready – then there is absolutely no reason why 3rd party data cannot (and should not) be used. This is precisely why due-diligence is imperative. All 3rd party data should be linked to the most recent privacy policy or consent statement, as well as the most recent engagement date – this should also be broken down by channel. (Our Active database consequently ticks all of these boxes!)

Three – You must clean and amend, or you’re only gonna wake up with a fine in the morning

Article 5(1)d is explicit about this – data must be kept up to date and accurate or be deleted. Simple as. Besides the obvious threat of a substantial fine from the ICO, perhaps more troubling for many businesses should be the potential for brand damage. Consumer expectations around data accuracy have never been higher.

Our recent research found that more than 70% of consumers expect their data to be accurate [Source: Accuracy and Relevance – GDPR Impact Series 2018]

Continuing to market to deceased individuals and goneaways could have huge repercussions and lead to losing loyal customers. Keeping data up to date and accurate couldn’t be simpler and can be done real-time nowadays with Data as a Service (DaaS) solutions. So clean your data!

Don’t contact them – without a legal basis for pro-cessing

Whichever legal basis you choose for processing, once you have chosen it you must use it thereafter – there’s no going back. With that in mind, you might want to reconsider the misguided notion that consent is the be-all and end-all. It is often not the best basis to use. Direct Mail can be used under LI and is set to make a huge come-back – Amazon in the US (a famously online-only retailer) recently announced their intention to distribute a printed toy catalogue at Christmas time!

Respondents to MarketReach research confirmed that mail is more believable (87%), makes them feel more valued (70%) and creates a better impression of a company (70%).

While I await correspondence from Dua Lipa insisting that I never again use her songs to highlight changes in data protection law, be sure to follow the new rules – And if you don’t abide, the ICO might skin your hide! (Well, not really, but you get the idea!).