I spoke to the Office of the Information Commissioner last week to ask what impact the new General Data Protection Regulations (GDPR) and changes to The Privacy and Electronic Communications Regulations 2003, (PECR) will have on businesses selling b2b
Our business offers b2b telemarketing services to generate sales leads and we are not alone in selling business to business. Lots of organisations have multiple product lines that they sell to large numbers of corporate customers. And, companies need to evaluate the impact of GDPR and PECR on their ability to do their sales and marketing jobs. Business owners, marketing and channel managers, amongst others, need to work out how to ensure GDPR doesn’t impede their ability to work with their prospect and customer databases. They need to decide what to do.
The interesting thing is that if you’ve been doing things right up to now, you shouldn’t have too many problems. Data protection has always been sensible. Simply put, marketing convention suggests that you shouldn’t annoy people if they clearly don’t want to hear from you. And, if you are transparent, you shouldn’t raise any issues. There are some differences such as sole traders being viewed as individuals under the Data Protection Act. However, if you’ve been doing it right thus far, chances are that, unless things change dramatically, you’ll do it right post May 2018. However, it makes sense to check.
So, what’s all the fuss about? There’s a lot of noise (and hysteria) in the marketing press about GDPR. This isn’t the blog to explain the finer points of data protection and the new regulations since there are many who are more qualified than me to do that. This blog is more related to what you need to do to help you from a marketing standpoint. Therefore, let’s look into what you should consider, regardless of GDPR, to render your business fit for purpose and to validate and build your customer database.
In reality, many businesses that sell to other businesses simply have a list of contacts, their phone numbers and email addresses and some notes on conversations alongside any contact and purchasing history. Some of those contacts will be actual customers. Some will have made enquiries and not bought. Some will have no knowledge of your business or services as they’re cold prospects. Some will be customer service queries and complaints.
There’s generally nothing sinister. However, if your employees do take notes, it’s important that the notes are factual and accurate and not emotive or defamatory in case of a Subject Access Request where someone requests all the information you hold on them.
If businesses manage their marketing correctly and have a legitimate interest or consent to process the data, they should be okay. Every business must hold suppression files of individuals/businesses that have asked to be taken off their marketing list (that means all channels) against which they screen future marketing communication. They should screen data against CTPS opt-outs, every 28 days, to ensure that they don’t flout the law. They also need to take care that prospect data isn’t so old as to be totally out of date. That’s bad marketing anyhow and professional businesses should have some form of data policy whereby they remove old information that is out of date and no longer relevant e.g. 6-12 months following last use. These actions are data protection basics.
However, in reality, it’s not just data protection with which marketers need to be concerned. As mentioned above, The Privacy and Electronic Communications Regulations 2003, PECR relate to:
The key thing above for outbound marketers to consider (as opposed to those that look after the business online presence) relates to marketing calls. If contacts on your database are customers, you can, of course, continue to make calls to them. However, whilst possibly unlikely for regular customers, remember that the individual is entitled to withdraw his/her consent to further marketing at any time.
The problem comes with those customers that are on the borderline. What I mean by that is what we’ve experienced many times with clients that have large customer databases. That is where they have a large client list that they define as ‘customers’ yet the data is so old that large numbers of contacts have changed and the actual contact and/or transaction was made many years before. Or, the purchase was relatively small and the person doesn’t even remember. We’ve even undertaken campaigns contacting ‘customers’ for clients in the past with transaction dates back to 2007 and earlier. As a consequence, many of the contacts don’t even know who you are let alone consider themselves as customers.
The above example isn’t uncommon as it is hard to keep data up to date. Certainly, you can/should periodically send emails asking your contact list to refresh their information. However, it’s unlikely that most suppliers want to give their active customers the option to drop them from all communication. Note: It is a legal requirement to provide an unsubscribe option on marketing emails.
It’s vital to keep data clean not least from a marketing wastage point of view but also to maximise sales opportunities let alone from the legal standpoint. So what do you need to do to ensure you don’t fall foul of GDPR and new PECR rules and do irreversible damage to your customer database?
The above isn’t exhaustive but illustrates some of the elements that will help you along the right path. What’s more, just by making the calls, you can unearth future opportunities and build your sales pipeline all the while cleansing your database and getting your business in good shape for the new rules.
If you’d like to discuss a database project, contact us now.
Disclaimer: Nothing in this blog constitutes legal advice If you have any concerns whatsoever about Data Protection or the new PECR rules, you must seek proper advice from a legal expert and not rely on any information contained within this blog.
• More news and blogs from GUEST AUTHOR