In a nutshell, GDPR:
- The key principle of GDPR gives consumers control of their data
- Applies to the 28-nation European Union’s 510+ million citizens, as well as any business doing business with them, regardless of where they are based
- Fines of up to 4 percent of total global revenue for violations
Most of us leave thousands of fingerprints of our personal data throughout the Internet from social media, retail shops, banks and financial institutions, and elsewhere. News headlines in recent years highlighted who is legally and illegally using that data (and somewhere in between), whether data hacks at Target, Home Depot and Experian to Cambridge Analytica’s shady harvesting of data from more than 50 million Facebook profiles.
In many ways, the collection and use of that data begins with vague, misleading opt-out forms or confusing terms-of-service agreements. Now, EU residents will have the freedom to opt in, rather than the burden of opting out. And consent must be easy to withdraw.
David Fowler, who is Act-On’s head of privacy, compliance, and deliverability, has been in the front row in many of the conversations clarifying what GDPR means for Act-On and its thousands of customers.
Fowler said despite the real challenges that come with complying with GDPR, this also presents an opportunity for companies to reset their standards for email engagement, embrace a new normal, and “reap the benefits of what should be a more engaged funnel and customer base as fortunate side effect.”
“This is an opportunity to reassess your opt-in list strategy for more engaged prospects in your funnel,” he said. “Yes, GDPR may be forcing our hand, but adding a strategic opt-in strategy to your forms used in inbound lead generation campaigns will allow your prospects to self-select into the types of messages they want to receive – from their very first interaction with your brand. With the proper strategy in place this will allow for more effective segmentation and tailored methods of engagement, which should cause an organic lift in engagement in your funnel.”
At Act-On, back in 2016, we undertook a third-party assessment of our preparedness for GDPR through a company called Truste, which is an organization that certifies our website and our privacy principles. From their assessment, we put together a working plan of what we needed to do for GDPR compliance.
One of those items was rewording our opt-in consent forms to be in compliance with the regulation, and then pushing out that change across all the hundreds of forms we may be using in our own marketing operations.