The EU’s General Data Protection Regulation (GDPR) takes effect on May 25th. The law requires that brands receive explicit consent from consumers to collect data. Plus, consumers must have easy access to withdrawing their consent at all times. While many brands have appointed data compliance teams in anticipation of the law, compliance is only a piece of the puzzle. Sure, companies that are in compliance with GDPR will avoid fines, but it doesn’t mean they’ll successfully keep the customer data they have or gain access to a sufficient amount of data from new users.
That’s where your marketing team comes into play.
In a recent webinar, The GDPR Evolution: How Savvy Marketers Will Survive and Thrive, Signal explained how companies should include their marketing departments in GDPR preparations from start to finish. Here are a few reasons why:
Defining Legitimate Interest
In the GDPR, it states that data collection may take place if, “processing is necessary for the purposes of the legitimate interests pursued by the controller…”
While what constitutes legitimate interest is still largely up for debate, experts worldwide agree that defining interest requires an understanding of how you use data and why. Work with your marketing team to determine how data fits into every stage of the funnel from email nurture streams to on-site ads. Not only is this an opportunity to take stock of your marketing strategy, but it is also a chance to refine and streamline your data collection efforts to determine the scope of your data consent messaging.
Shaping Consent Messaging
While best practices are still being defined around GDPR implementation, one thing is clear: those who clearly communicate data’s role in the context of customer value will come out ahead. Work with your marketing team to shape messaging around why data collection will benefit your audience now to ensure greater data collection and retention later.
For example, Signal cited an airline brand that experimented with data consent messaging.
- First, the airline requested permission to collect customer data and received only a 5% response rate.
- Second, the company offered a personalized travel itinerary in exchange for data consent—explaining the data they collect is used for similarly personalized experiences. The response? A 40% increase in data collection consent.
Reviewing Partner Relationships
Brands will not be held responsible for how 3rd party partners handle customer data. That said, companies will have an easier time establishing trust with customers if they can explain not only their own approach to data security and privacy, but partners’ strategies as well.
Take stock of your marketing stack and work with the team to determine how you use each channel. From there, do some research or ask your Partner Marketing team to see if your tech partners have an approach to GDPR. If not, set up initial calls with your contacts at these companies to make sure you’re on the same page about how to collect and use data.
Honing Compliance Communications
Customers are more likely to trust your brand’s approach to data if you can explain what you do with it clearly and easily. Now, while compliance and consent communications may overlap, there is one key difference to keep in mind.
Namely, compliance communications should focus on where, how, and why you collect data on your site—not necessarily how the data you collect provides value for your customers. That said, the more clearly you can communicate your strategy for data collection, the more likely customers are to give consent—and that’s where marketing can help.
Whether you’re preparing communications to keep more data you’ve collected or working on the best way to instill confidence in new customers, preparing for the GDPR should not be treated as a “legal team thing.” To make sure you’re covering all your bases when it comes to GDPR, get in touch with our experts today for a free GDPR readiness assessment!