As we approach the GDPR enforcement deadline on 25 May 2018, Royal Mail Data Services’ annual survey of UK marketing, data and analytics professionals reveals that the new regulation will give UK marketers a new opportunity to improve marketing effectiveness by dealing with persistent customer data management concerns. According to the study, 58% of organisations are worried that their customer data may not comply with the new regulation, and 43% expressed concerns about data sourced from third-party data providers.

GDPR non-compliance carries hefty fines, but mismanaged customer data has even more far-reaching costs. Poor-quality customer data costs UK businesses, on average, 6 per cent of annual revenue, according to the study. This may mean marketers are missing out on the benefits of compliant and permissioned third-party data and data-quality management services from trusted sources. Such resources can help to not only improve the overall quality of customer contact data but can also be used to support the implementation of effective permissioning campaigns.

So what must organisations do to ensure their customer data is accurate, compliant, and properly permissioned ahead of the enforcement deadline?

Mapping data flows

Gearing up for the GDPR calls for an improvement in the orchestration of multiple sources of customer data. The responsibility for collecting and managing incoming customer data is often shared across multiple functions without consistent processes for data collection, validation and cleansing. Mapping all incoming data flows will allow businesses to see how their data is managed and cleansed at all touchpoints. Comprehensive data mapping also allows compliance experts to break down siloed working and ensure all customer information is treated with the same scrutiny when it comes to accuracy and permissioning.

Permissioning for GDPR

Today, nearly half of all marketers (48%) either have no plans to or do not know whether they will seek fresh permission from their customers. Gaining the consent necessary to continue effective customer communication under the GDPR is achievable, but businesses need understand that repermissioning needs to start sooner rather than later.

While the new data protection regulations change the rules around consent, with the proper permissioning strategies and data management practices, business and marketing operations will not be adversely affected. First, it’s important to make the distinction between first-party marketing (to existing customers) and third-party marketing (to prospects).

Marketing to existing customers under the GDPR is defined as being in the “legitimate interest” of the company and its customers. This means that in most cases and for most channels, businesses just need a simple and well-worded “opt-out” message to provide current customers with a clear opportunity to object when their data is used or collected.

Clear, affirmative consent must be gained before the company can engage in new communication to prospects. This becomes challenging when dealing with bought-in name and address data. Choose a trusted third-party data partner that provides GDPR-compliant contact data to use to target new prospects.

Customer data that was not captured with a process or privacy statement that complies with the GDPR doesn’t necessarily have to be discarded. Businesses can set up systems to automatically contact those individuals again to request appropriate consent, thereby repermissioning customer data for marketing purposes.

Establishing new data quality practices

Once existing contacts are permissioned, and the business has established a formal system for cleansing and permissioning all incoming customer data, the next step is to establish formal, continuous data cleansing and enhancement processes to keep customer information accurate, permissioned and compliant over the long term. A third-party analysis can help companies identify any compliance concerns in their new practices, and establish the ongoing processes that will ensure compliant and permissioned customer contact data moving forward.

Achieving greater marketing effectiveness

GDPR-compliant data is necessary to meet new regulatory standards, but the data-processing protocols put in place will help businesses achieve greater results for their customer engagement overall. Enhancing customer data with third-party data sources helps marketers reach new customers while ensuring their internal contact data is continually up-to-date. Marketing mail, such as direct mail and door drops, is particularly good for reaching new customers under the GDPR, as door drops and unaddressed direct mail target postcodes rather than individuals. They’re a great way to cut straight through to prospective customers, and proven to drive online interaction. In fact, as a result of receiving direct mail, 92% of people were driven to online activity, 87% were influenced to make online purchases and 54% engaged on social media.

Looming GDPR deadlines give marketers a mandate to educate leaders on existing data challenges and make the necessary investments to overcome persistent data quality issues. While the next year will require a major effort to bring their data into compliance, the long-term result will be a more unified customer data strategy that fuels greater marketing effectiveness.


By Jim Conning, managing director at Royal Mail Data Services

GDPR Summit Series is a global series of GDPR events which will help marketers to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond. Further information and conference details are available at

comments powered by Disqus