Key elements of the GDPR and its applicability in Email Marketing
On the 25th of May 2018 will come into force a new European regulatory act, called the “General Data Protection Regulation” (abbreviated GDPR). This is new EU regulation on the protection of personal data and is applicable to any entity that collects and processes personal data of EU residents.
GDPR supports the protection of individuals with regard to the processing of personal dataand their free movement between EU Member States, everything in a context of a high level of confidentiality and increased security. Personal data refers to any information that can be used alone or together with other data to identify an individual. According to the European Commission, an individual’s personal data refers to any information in his or her private, public or personal life (e.g.: photos, web posts, IP address, social media posts, bank details, medical information, etc.)
In the era of digitization, almost every company collects and processes customer data for the purpose of improving its services and optimizing its marketing campaigns. Therefore, as a provider of email marketing, NewsMan recommends you to align with the GDPR requirements to create a trustworthy climate for your customers and protect your business, thus avoiding unnecessary huge fines.
GDPR is not subject to statistics, studies or marketing research that are about providing anonymous information, without any reference to the individual’s data and nothing that leads to his/her identification.
Giving explicit and comprehensible consent is one of the key elements of the GDPR. The only exception when lack of consent is accepted, is when the data processing is performed for an anti-fraud action.
NewsMan advises you to send newsletter to your customers effectively and increase their loyalty by taking advantage of the new EU regulation in order to strengthen the relationship with them by showing them they have control over:
- newsletter subscription (giving specific and circumspect consent several times if different situations are required);
- personal data they provide to you (the right to opt for the rectification or non-processing of the data and the right to be forgotten);
- frequency of receiving the newsletter;
- content type of newsletter (selecting preferred key topics);
- option to renew the newsletter subscription’
- option to unsubscribe to the newsletter
Another important aspect promoted by GDPR is the obligation to designate a Data Protection Officer for processing information that involves the monitoring of a large number of individuals or the processing of sensitive data.
Data operators are required to keep a log of incidents in which data safety and integrity could have been compromised. There are also some situations where they have an obligation to report incidents to authorities and consumers within 72 hours.
In principle, it is forbidden to process data that reveals genetic or biometric information or about health, sexual orientation, race or ethnicity, political opinion, religion, or philosophical beliefs. GDPR lists a number of exceptional cases where this is possible, with certain precautions to consider.
NewsMan recommends you to create your own internal policy for processing customers’ personal data that complies with the GDPR guidelines, and then inform them accordingly about these updates.
To find out more information about GDPR, please check:
- the full text of the GDPR regulation directly on the European Commission website
- The following website dedicated to the GDPR: https://www.eugdpr.org/