Nearly three quarters (72%) of marketers in the UK either cannot answer, or incorrectly list, the necessary conditions to meet the requirements for GDPR (General Data Protection Regulation), according to a new survey.

Email service provider, Mailjet, found that with less than a year to go until the 25 May 2018 deadline, just 17% of marketers have taken every recommended step towards GDPR compliance. Some admitted they are yet to take any checks and changes.

This could well be explained by the fact marketers believe they’re facing a total fine of €5.2 million. In reality, the maximum penalty for noncompliance is €20m, or 4% of their global revenue.

Areas of confusion

While 64% assume GDPR means they must ensure individuals are able to opt-out easily, 32% of UK marketing professionals believe they will be able to automate processing of location data without “opt-in consent”, this rises to 35% in the case of personal preferences data.

Other misconceptions include;

· Over a third of marketers (34%) incorrectly think individuals over the age of 70 and those who have not been responsive for 90 days are exempt from all automated marketing decisions.
· 35% of marketers wrongly believe the Privacy and Electronic Communications Regulations (PECR) will exempt B2B marketers from GDPR.
· 44% of respondents claim businesses that employ over 250 staff must appoint a chief data officer, despite this only being a requirement where data is of a particularly sensitive nature.
· 32% claim the regulatory changes will mean their organisation must guarantee that all marketing recipients are free from imprisonment.

Rachel Aldighieri, managing director at the DMA, said: “With just a year left to prepare, and despite high levels of awareness, the number of businesses ready for the new laws is still low. Even more concerning is that we’ve also found in our own research that only half of businesses expect to be ready in time for the May 2018 deadline. Recent announcements and guidance from the ICO has only served to more worries that the interpretation of the new laws will be overly strict. What we need is balanced and fair guidance from the ICO, and we need this urgently if we’re expected to be ready in time.”

First timers

Overall, only 38% of UK marketers have changed procedure for a regulation before. In contrast to in-house marketers, experience is particularly scarce within marketing agencies, where 90% are potentially facing change for the first time.

Only half of marketers state they are aware and compliant with the existing EU Data Protection Directive; this dips to only 41% among in-house marketers. Significantly 23% of marketers are aware their company may not be compliant with existing regulations.

In-house marketers more apprehensive than agency counterparts

Forty-two per cent of respondents believe marketing communications will become more relevant to what recipients want to see and the quality of campaigns will improve under GDPR. However, 13% actually see a negative impact coming from GDPR. Despite the importance of their customers’ interests, sentiment is greater among marketing departments, 20% of whom feel processes will be significantly slowed for compliance and the new regulations will make prospecting much harder.

Three in ten (28%) don’t believe there will be any effect as a result of the stricter consent based rules coming into place. This rises to 37% among marketers with decision-making authority within their organisation.

Josie Scotchmer, UK marketing manager at Mailjet, said: “While it’s relieving to hear 48% of marketers have begun reviewing how they seek and record consent, there’s no doubt that GDPR will have a huge impact when it comes into force. For many, it’s the first time they have had to respond to international legislation and the scope of work this process entails is only just becoming clear to them.

“It’s up to every partner in their ecosystem to provide the support, guidance and expertise that will ensure they don’t fall foul of the heavy penalties reserved for any noncompliant businesses. For marketers who think it will negatively impact their marketing efforts, need to put their customers' interests ahead of more stringent processes and regulations.”


By Jonathan Davies, editor, Digital Marketing Magazine


GDPR Summit Series will help businesses to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond.

Further information and conference details are available at

The GDPR Summit Series has been specifically designed for business generalists rather than data protection or privacy specialists and will provide delegates with a comprehensive picture of the new regulations and a practical understanding of the implications and legal requirements needed for compliance.

GDPR Summit Series is a global series of GDPR events which will help marketers to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond. Further information and conference details are available at

comments powered by Disqus