BSA blog

BSA blog

News and views on topical issues from BSA staff and guests.

Sign up to receive blogs

By subscribing you consent to us sending you blogs


Guest blog: GDPR - are you ready?

Originally published in the winter 2017 edition of Society Matters magazine
By Paragon Customer Communications

GDPR-(1).jpgThe new General Data Protection Regulation (GDPR) is drawing nearer, becoming enforceable on 25 May 2018. Is your company ready? Here, we explore ‘re-permissioning’

When the new GDPR comes in, amongst many other responsibilities, companies will have a duty to ensure they have proper consent to communicate marketing messages to their customers.

Consent needs to be freely given, specific, informed, and an unambiguous clear affirmative action.

So, if your current consent measures don’t meet the new GDPR definitions you will have to refresh it – or find an alternative lawful way to send your communications.

Your existing consent may not be acceptable under the new GDPR in a number of ways. You will need to ask: “Was it coerced, bundled in with something else in order to receive a benefit? Was it not an affirmative action such as pre-ticked boxes on a webpage or inferred from silence?” If the answer to either of those questions is ‘yes’, or the consent was obtained a long time ago or you don’t have proper records that the customer gave it, then you will need to get back in touch with parts or all of your customer database to secure the right permissions to market to them.

As the GDPR deadline draws closer, there is a risk of individuals becoming bombarded with permission requests and choosing to decline more than they would if they had been approached sooner.

These changes in regulations present an opportunity for businesses to cleanse their customer data, re-engage, and remove those who aren’t interested in receiving your communications.

Businesses need to make it easy for customers to give their consent. Customers are more likely to consent if they value what you are offering and trust you to do what you promise. If they feel that you can store personal information securely, that you won’t pass it to third parties, and that you won’t bombard them with irrelevant messages.

Re-permissioning is possibly the most important marketing campaign you will ever run, and it needs to be properly planned, created and delivered as a co-ordinated activity – monitoring engagement and reacting accordingly with pre-set business rules. Simply put, getting it right will allow you to continue marketing to your company’s most valuable resource – your customers.

You might wish to adopt a ‘ cascade’

[Click to enlarge image]

It is important to look at re-permissioning in an integrated fashion and co-ordinate your efforts:

  • Understand which audiences it is key to re-permission (not all will be worth the investment), using data analytics to profile the base in terms of demographics and customer value.
  • Understand which channels are open to you, and prioritise based on audience likelihood to respond.
  • Work out how often you want to contact before ruling out further attempts.
  • Track engagement and switch channels as required.
  • Reset the clock for when consent will need refreshing in the future.

It is vital to get the messaging right. You could vary your messaging for different audiences, using dynamic content for each audience based on demographics, and using the content most relevant to your audience.

Posted by The BSA Team on 18 December 2017