Any Australian retailer that has an establishment or offer goods in Europe have to comply with the General Data Protection Regulation set to take effect in May 2018.
Widely considered to be one of the most significant data privacy reforms, the General Data Protection Regulation (GDPR) is set to have great ramifications on the marketing industry. While not set to come into effect till May, new data protection requirements extend the scope of the GDPR to include all foreign companies that process personal data about European residents as well.
As such, the onus is on Australian retailers to be prepared for such changes as retailers here have global reach. Fines for breaches can reach up to a hefty $24 million or 4 percent turnover. Under the new legislation, companies would require a legal basis for data processing, anonymise all collected data, and notify consumers of any data breaches. Any Australian retailer that has an establishment or offer goods in the EU would have to comply with the GDPR. Retailers that interact or store data from individuals in the EU would also be included.
Given the contemporary marketer’s reliance on data for their campaigns, the GDPR can have far-reaching consequences on how businesses interact with their consumers. In order to assist email marketers in their preparation for the GDPR, here a few factors to consider.
Data verification and ownership
The GDPR will have a noteworthy impact on how businesses interact with customer information and data. In many ways, these changes represent a shift in data ownership; the new legislation acknowledges that the customers are the ones who own their individual data.
Marketers will also have to start recognising that permission to utilise an individual’s data is no longer infinite. In the case a registrant ceases to engage or be active with the company, marketers would have a period of time before they cease using their data.
The death of email blasting
Compelling research has consistently indicated the ineffectiveness of an email blast strategy. In fact, a recent survey has shown triggered emails to be 624 percent more effective. Not only are they often irrelevant to the recipient, email blasts are also detrimental to the brand and fosters a negative brand association for the customer. However, with the upcoming GDPR, there is a real and tangible incentive for customers to invest in proper segmentation.
Under the GDPR, businesses simply cannot afford to blindly compile a list of email addresses and hope for the best. The changes in legislation mean that businesses need to ensure proper identifications for the data they collect as to be compliant. From proper identification of the email address’ owner to tracking engagement levels, data sets will need to be comprehensive and up to date.
Audit your data
With this in mind, perhaps the biggest lesson to take away from the GDPR is the need to properly control and audit the data your company has access to. From the data itself, the context of its acquisition, to its responsible storage – being open and transparent with consumers about this information is the best practice. In order to be prepared for this level of accountability, businesses should start accounting for all the data they have stored and make sure everything is fully documented.
Under the GDPR, businesses will be charged with a higher level of responsibility for the data they store. In the event that a data breach occurs where the customer’s data is compromised, they are obliged to report this breach in a timely and transparent manner. It is also recommended for the businesses to anonymise all data as this helps to assist them in achieving compliance in day-to-day processing activities.
It’s evident that the GDPR will impact the e-commerce industry in many ways. With many marketing practices finding themselves to be increasingly data-driven, it’s imperative for marketers to be aware of the upcoming changes. In the face of such changes, being responsible and transparent is the key to being prepared.