Impacting the online marketing world, the GDPR is officially here. With so much grey area in its interpretation, it’s hard to understand what actions Australian based businesses need to take.
While Purple Giraffe is NOT an expert in this field, we needed to find out more about it and how it impacts our business and wanted to share that information with you – our clients and community. With this in mind we did a little digging.
Read on to find out what we discovered and what it might mean for your business.
What is the GDPR
GDPR – those 4 little letters that have come to mean so much for so many businesses around the world…..
GDPR stands for the ‘General Data Protection Regulation’ and it’s a headache of a privacy law from the European Union that is focused around the processing of personal data – essentially collecting it, storing it and using it on a long term basis.
In a nutshell, the result of this new law is that businesses are now required to have specific permission provided by each person to firstly store their data, and to then contact them using it. Even though it’s a European Union law, all online entrepreneurs need to pay attention because it does cause significant changes in the way that the online industry is allowed to communicate internationally.
Is it relevant to you and your business?
As we understand it, at this stage, it is only relevant to you and your business if you are trading in the EU or have any customers/database contacts, that you regularly communicate with, based in the EU.
Its location based – not nationality based. So if you have Australians living in London on your database, it applies to you.
Also, it is worth noting that if you are not 100% sure of the location of some of your customers/database contacts, and there is a possibility that they are based in the EU, it is also relevant to you.
If you do have people on your database that are based in the EU or you regularly seek to add people based there onto your database – it is most definitely relevant to you.
If GDPR is relevant to you, here is a very basic checklist of what you need to do now to comply.
If you do have EU based clients/customers/database members – or seek them – it’s simple – you must expressly get their specific permission to be able to communicate with them.
Permission from existing contacts
For contacts that are already on your database and based in the EU (or potentially based there) you must now ask their permission to send them any further communiqué. If you do not get this express permission you must delete their personal information from your database.
We suggest undertaking the following steps:
- Segment your database and identify the contacts that are based in the EU (or potentially based there)
- Email these contacts asking for their permission to continue to communicate with them – essentially asking them to opt in to staying a member of your database. In the email make them aware that if they do not respond you will need to remove them from your database and they will no longer receive your communications.
- For those that do not opt in – remove these contacts
Ouch! We hear you. It goes against the grain to remove contacts from your database, but to comply with these new requirements you must. So, it is inevitable – there will be some attrition rate in terms of your database numbers. However, to see the positive, we like to see it as a way to ‘clean up’ and refine your database to include those that are engaged with your business and brand.
New permission process
The good news is that many platforms, like Mailchimp, now provide functionality via which you can add in the appropriate permissions to make sure that any new contact that signs up will be compliant.
If you have your own CRM or database system, we advise you make sure that you ask permission for all the types of communication you may send them and keep a record of this. The podcast we provide below details simple ways in which to do this.
It’s a lot to take in
If you are not sure about any of the above or just generally want to know more, we suggest listening to the below linked podcast. It’s an hour long, so do it when you have time – and perhaps a coffee! It’s explained in plain, simple English, from knowledgeable people, and outlines who the GDPR effects and how to design your new approach if it’s relevant to you.
You may also like to seek your own legal advice if you have questions specific to your own business circumstances.
We are here if you need us
Purple Giraffe are not experts in this topic, but we can help you get compliant, so if you need help implementing actions to help with your compliance don’t hesitate to contact us.
And as we mentioned above, if you want specific and detailed expertise in this area, we suggest seeking legal advice from representatives that specialise in this area.
Thank you for your time…. Now back to business!