Hands up if you’ve failed your New Year Resolutions? Drowned your sorrows in #DryJanuary? Don’t worry, you’re not alone. If there’s one resolution you need to honour for 2018 however, which will pay your business and your marketing dividends, it’s being GDPR ready. Even if you’ve done nothing of significance yet, there is still time to get some key pillars in place.
With broad and far-reaching implications, organisations must understand and comply with the new legislation and demonstrate that compliance. But beyond these technical requirements, brands will also be required to change their marketing emphasis for the long term to grow permissions through compelling, highly personalised and engaging experiences.
We’re often asked to help our clients demystify the new regulation into practical, actionable steps. Here’s some of that advice on how to get started on your own GDPR journey.
1. Carry out a review of the data you capture, retain and hold across your business. Couple this with an assessment of your data security, making any necessary compliance improvements needed to align to the new regulation. Unless these foundations are right, there is little point in going on to update your privacy policy and data capture techniques. You’ll need to ensure that you hold opt-in permission by each separate marketing channel, and that these are recorded and time and date stamped before any post-GDPR marketing is contemplated.
2. Ideally you should then appoint a Data Privacy Officer or a person acting as such. When you have everything in place you should register your company with the ICO as a data controller, paying the appropriate fees.