Use new GDPR to build customer trustSep 11 , 2018
Reprinted from South Florida Business Journal.
When I read about the heavy fines for noncompliance that the European Union’s newly revised General Data Privacy Regulation (GDPR) could levy on any company anywhere in the world, I was at first distressed. Then, I thought: “Perfect. Fear of noncompliance is the exact reaction intended.” That thought was followed by: “The European Union may have just done the world a big favor.” And then: “Not only individuals, but businesses, can benefit from the protection of data privacy.”
For all of those who worried about how we were going to regulate Facebook to protect our privacy, the EU, with GDPR, may just have helped to solve the problem for us. This law, which went into effect May 25, basically says anyone using an email address or mining and using the demographic of any European citizen anywhere in the world had better have permission from the individual to do that – or they could be subject to huge fines as much as 2 to 4 percent of a company’s revenue.
Separating out European citizens among the users of the global internet is not a practical opportunity, which may be why the regulation stipulates whatever the location. Europeans travel and live throughout the globe. There is little, if any, data on how many Europeans have dual citizenship and live in the U.S. So the GDPR sent Facebook and many big internet, social media and commerce platforms scrambling to change their user agreements, comply and tell their corporate advertisers it was also their responsibility to comply. Basically, the result can be good for all internet users, not just European citizens.
What do companies need to do to comply for GDPR?
Complying is not a snap of the finger. Every business has customer data that is not only used within the company, but by vendors, contractors and other third parties. Understanding data pathways is critical to compliance. Agreements with all data handlers is also important. The regulation may impact flow and efficiency of company operations, and larger companies may need to create a position called “data protection officer.”
If you store lists of customers, you will need them to re-opt-in more frequently, and you will need to have agreements with them on how you will use the data. Of course, most responsible organizations do this now. But data collection forms will need to be even more clear on what the data will and will not be used for in the future.
What are ‘added precautions’ for marketers?
There is lots of GDPR compliance information available – free guides and major social platforms’ explanations to users and advertisers. We all continue to use the internet more and more. The GDPR will help us use it with more data privacy and trust. A company’s early, careful compliance will build trust from customers and prospects – definitely a competitive advantage.