The GDPR is fewer than ten days away, and by now most organisations should be making progress through the early stages of compliance, at the very least.

But if you’re one of those marketing bosses who’s had their head buried in the legislative sand, you’re planning for a rude awakening once the new legislative dawns break on May 25th.

Failure to adapt marketing procedures with the new data laws constitutes preparation for failure that will impact upon the whole business. While a data breach might not attract the levees that clobbered TalkTalk, or subject you to a Cambridge Analytica-style demise, inaction will guarantee a visit from the Regulator, financial penalties and reputational damage.

But there is still time to get into shape. First and foremost, familiarize yourself with the new responsibilities that marketers and marketing systems will have to adhere to under the GDPR.

New marketing responsibilities

Reaching out to current and prospective customers will require a permission-based approach which will revolve around obtaining active consent from the data subject.

Customers will need to receive easy-to-understand messages on how their personal details will be used, stored and shared, along with a clear option to opt-in to further marketing initiatives. Failure to opt-out of marketing will no longer mean consent has been given.

The Information Commissioner’s Office (ICO) has published detailed guidance to compliant marketing practice.

Ensuring you have consent for all the data you currently hold is also key, so conduct a data audit to determine what information you have, whether or not it’s compliant, where it is stored, how secure the data is and what risks to holding it are involved. In this capacity, the GDPR will put an end to hoarding of non-compliant data. On the other hand, it will also relieve the storage burden of inactive user details and other information that’s not needed for business operations.

Under tighter security laws, individual users will have new rights, such as the right to be forgotten, and the right to access and amend their personal details with ease. As such, marketers need to be sure that individuals’ data sets are complete, easy to access and easy to amend for consumers.
Moving forward, data collected by companies should be far leaner and consensual, enabling organisations not only to streamline their databases, but also to enhance the relevance and targeting of their marketing, which will make for stronger, more effective campaigns.

Get your house in order

The above information is by no means a comprehensive guide to marketing under the GDPR, but is intended to give a flavour of how life will change in an era of enhanced data security.

Evidenced steps to compliance will not only mitigate risk and any subsequent punishment meted out for a data breach, they will also strengthen your marketing, your firm’s reputation, and more broadly help to nurture a new culture of data privacy that will enhance user-protection in our digital world.

Learn from the experts

To give more guidance on preparing your marketing procedures for the GDPR, ON24 are hosting a webinar tomorrow (May 17th). Industry experts will be discussing the new laws’ implications for marketing practice, and provide actionable steps chiefs can take to steer safely through the new regulatory landscape.

Andrew Warren-Payne, Managing Director at Market2Marketers will be moderating the panel.

As a facilitator enabling between tech companies, agencies and media businesses to connect with marketers and advertisers, Andrew has spoken to thousands of marketers in events spanning over ten countries. He is widely published within his industry, having published through The Guardian, BBC, PSFK and Forbes.

Featuring speakers from Henley Business School and My Inhouse Lawyer, our panel includes:

Abigail Dubiniecki, Specialist, My Inhouse Lawyer
A Canadian freelance lawyer and founder of Strategic Compliance Consulting Ltd, Abigail’s reservoir of expertise nourishes organizational compliance in privacy, data protection and GDPR implementation.

Whether consulting in the top echelons of GDPR consulting, delivering keynotes to senior managers through Henley Business School, or advising UK companies through My Inhouse Lawyer, Abigail’s robust solutions are the perfect reconciliation between compliance, risk and technology.

Zach Thornton, External Affairs Manager, DMA
Since joining the DMA as External Affairs Manager, Zach has focused on lobbying the UK and EU to achieve a balanced General Data Protection Regulation, and is now beginning work on the revised ePrivacy regulation. Intrinsic to his mission will be ensuring that the legislation does not undermine, but drives British business.

Zach is also passionate about politics and current affairs, and stood as a candidate for Borough Councillor in the May 2014 local elections in Tower Hamlets, London.

Richard Preece, Director, DA Resilience
Richard is an experienced international hybrid consultant, leader, Henley Business School Executive Fellow and GCHQ Certified Trainer. He enables organisations to become more strategically agile and resilient, to exploit the opportunities and minimise the dangers of the current and future digital hyper-connected world.

Accelerate your preparation with ON24

Fresh from cutting-edge keynotes at the GDPR Summit: London, our panellists will break down compliant marketing methods, looking at how you can build stronger, more successful campaigns.

Key topics will include:

• Different mechanism for the go-to-market
• Successfully aligning with other business stakeholders
• Optimising the time of company commentators
• Achieving a quick response to regulatory opportunities
• Overcoming key challenges, such as speed to market, content lifespan and market differentiation.

Viewers can get their specific queries answered in a Q&A that will follow the debate.

Click here to register your place on this exclusive webinar.

By Tom Davies, features editor, GDPR.Report


GDPR Summit Series is a global series of GDPR events which will help marketers to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond. Further information and conference details are available at

comments powered by Disqus