Be brave and push the bar to deliver value back to your customers. That’s the advice the new Chair of DMA Scotland gave marketers just before the European Union’s (EU) sweeping new legal framework for data protection went into effect last month.
Firas Khnaisser said the General Data Protection Regulation (GDPR) is an opportunity for marketers to get “super creative” with content and “realize the true value of data.”
Ultimately that may be the case. But the GDPR just went into effect May 25. And in these early days, marketers worldwide are facing challenges.
Email Marketing Lists Shrink
The EU law has set off a wave of multi-billion dollar privacy complaints against companies including Facebook, Google, Instagram, and WhatsApp. It’s forced companies to block their websites from European users and triggered a precipitous drop in programmatic (automated) ad-buying in Europe.
Conscientious marketers, eager to comply with the new data privacy provisions, flooded consumers with GDPR-related emails that asked for their explicit consent to receive marketing communications. But most recipients ignored them, leading to huge erosion of existing email lists.
Another marketing firm, PostUp, estimates that only 15 percent to 20 percent of Americans are even opening the emails — lower than the already-dismal 25 percent to 30 percent open rate for the emails worldwide.
How the GDPR Changes Marketing
The GDPR ushers in meaningful changes in the ways businesses operate and more clearly defines how they interact with consumers.
It shifts the balance of power to consumers by giving them expanded rights to modify, delete, and receive a copy of the data any organization holds on them. Specifically, it requires marketers to protect all personal data generated by EU residents.
But the GDPR has global reach, with the likelihood of affecting any company that handles the personal data of any European Union (EU) residents — regardless of where the company is based.
As Arke CEO Eric Stoll explained, the GDPR even applies to small US-based companies with incidental sales to EU residents.
“The minute such a business captures an email address of an EU resident with an intent to communicate with him and track his response that business becomes subject to GDPR, regardless of where the business, server, or subject is located at the time,” Stoll said.
Deliver Value to Customers
“Audit your current marketing activities, including what data is collected and how it’s processed. Coordinate closely with your legal and privacy teams about your approach. And think about how you can use a pivotal moment like the GDPR as a way to engender value and trust in your future engagement with customers,” he suggested.
Stoll agreed, noting that the GDPR will compel marketers to be more thoughtful, transparent, and respectful of the data they collect and use. “That will go a long way toward rebuilding trust with consumers at a time when many have grown skeptical and weary over highly publicized incidents of misuse of their personal data,” he said.
Think ‘Should We?’
The GDPR won’t put an end to personalization. But it will change it. As the GDPR explains, “the processing of personal data for direct marketing purposes may be regarded as carried out for legitimate interest.”
Realistically, that means marketers need to take a step back. — to stop personalizing every piece of communication without regard for what is appropriate for the consumer. In the words of Samuel Scott, a global keynote marketing speaker:
“Collecting data on people, tracking them, and hitting them with cheap, individualized messages en masse is not advertising – it is direct response marketing. And people hate it,” he said.
Scott said marketers are prone to embrace all manner of marketing technology without regard for consumer preference. “To quote Jurassic Park, we are so preoccupied with whether or not we could that we don’t stop to think if we should,” he said.
Now we have to stop and think … to weigh personalization against purpose, to ask “how does this deliver value to the consumer?”
Humanizing Digital Again
Arke CMTO Chris Spears said no business should invest in technology until it understands how it will affect its customers, its employees, and all of its other stakeholders. The key question: Whom does it serve?
In a recent LinkedIn article, Spears wrote:
“After years of misplaced reverence for technology, marketers are embracing a more human-focused paradigm. We’re increasingly viewing people as our priority. And we’re accurately demoting tech from a silver bullet to an enabler of speed, convenience, and better brand experience.”
The GDPR encourages marketers to prioritize human beings over cookies, IDs and IP addresses. They’re rethinking ways to deliver value to consumers and acting with more intention and respect. While that change in behavior is likely driven by concerns over legal ramifications, it’s nonetheless good for the digital ecosystem.
As an example, consider the way brands like Etsy demonstrate their respect for their audience in a voice that addresses them with intelligence and clarity:
“Welcome to Etsy. We’re so glad you’re here. Make yourself comfortable and have a good time, but please follow our house rules.”
4 Best Practices to Deliver Value
As we work together to implement laws like the GDPR and advance deeper, more meaningful relationships with customers and prospects, there are a few basic things to remember.
1. Mind Your Manners
Extend the same courtesies you offer a person face-to-face with those who connect with you through your digital touchpoints. Don’t assume a person wants to receive your email newsletter just because she made a purchase. Don’t assume a person who opts-in to receive digital receipts wants all your marketing materials. And please — remove all pre-ticked boxes of consent for future contact in your email.
Consent must be unambiguous and the retailer must keep records of consent under the GDPR’s accountability principle.
2. Be Transparent
The GDPR requires you to be explicitly about your use of data. Make sure your tell website visitors how you plan to use their personal information. Also, tell them how you plan to share the data or use it with third-parties. And do it in clear and plain language, not legalese.
Any information and communication relating to the processing of personal data should be easily accessible, easy to understand, and written in clear and plain language.
3. Keep Your Data Clean
Clean or scrub your data to remove any incorrect, incomplete, or duplicate data. The GDPR also requires you to remove irrelevant and unnecessary data. Good data hygiene is not only good for compliance; it’s also likely to increase your open and click rates.
Limit personal data collection, storage, and usage to data that is relevant, adequate, and absolutely necessary for carrying out the purpose for which the data is processed.
4. Listen Attentively
The GDPR provides individuals “the right to be forgotten”; that is, to have personal data erased — as easily as it was for them to provide the data. So know where and how your data is stored. And have a process in place to respond if someone asks to have personal data deleted.
Individuals can make a request for erasure verbally or in writing. Respond promptly – within a month.
For More Information
- How to Cope With GDPR: New EU Data Law Promises Big Changes for Marketers
- Consent and Data Governance
- Data Security & International Transfers
- Data Retention, Erasure, Access Requests, Preference Management
- The GDPR Is Here: Is Your Site Still Accessible in the EU?
(Arke is providing these articles for informational purposes only. They are not intended to provide, and should not be relied on, for legal advice.)
Want to learn more about GDPR compliance? Email Eric Stoll for more information.
Atlanta-based Arke develops strategies and implements digital technologies for better brand experience for your customers.