How much do you know about GDPR?

Posted 24 March 2017 12:00 AM by Ricky Wallace, Marketing Manager @ ClearPeople

Mark 25th May 2018 in your diaries. This is the date the EU General Data Protection Regulation (GDPR) comes into effect. 

If you work in business-to-business (B2B) marketing, this is going to change the way you communicate with both existing customers and prospects in the future. 

So what is it all about?

The GDPR has introduced some changes to data privacy laws and this will impact how we go about marketing to our customers and prospects via email. Previously B2B marketers could send email communications based on implied consent – this means that as long as your e-communications have an easy “opt-out” process, you are free to email businesses with your relevant marketing messages. The new regulations detail that all data subjects you market to must give explicit consent that they wish to receive marketing communications from you and you must be able to prove that this consent was given.

Double opt-in

Many marketers are calling this explicit consent process “double opt-in” which involves the subject submitting their details online and then confirming they are who they say are by approving an automatic email that is triggered at the time of submission.

Giving back control

The purpose of GDPR is to give data subjects back the control over what information businesses hold about them. The legislation demands transparency and easily accessible policies with regards to the processing of personal data.

As a Microsoft Gold partner, we have assurance that Microsoft are updating the features and functionality in all of their services to meet the GDPR requirements, and they are updating their documentation and customer agreements to reflect this. Through Microsoft’s cloud services and on-premises solutions, they can help you locate and catalogue the personal data in your systems, build a more secure environment, simplify your management and monitoring of personal data, and give you the tools and resources you need to meet the GDPR reporting and assessment requirements.

Read more about Microsoft’s GDPR commitments.


For those who don’t comply come 25th May 2018, there will be consequences. Any organisation that markets to personal data that has not given their explicit consent can face a fine up to 20 million Euros or 4% of their global annual turnover – whichever is highest. So, it is obviously a no-brainer that you should ensure you can comply.

But it’s not all bad news

By marketing to people who have specifically opted-in to receive your communications, you’ll find that your engagement rates are much higher so you should see notable improvements in open and click through rates. 

And it has to be worth noting that the DMA has recently issued a statement that suggests that many of the clauses that could have had a significant negative impact on many B2B marketers may be softened so the explicit consent process may not be required after all. However, we need to still be aware of the new legislation a) if marketing to any counties in the EU and b) to future-proof processes should the details of the legislation change.

Top tips 

So, you have just over a year (at the time of writing) to ensure your marketing data complies with the EU GDPR changes. Here’s 11 top tips to get you started:
  1. First determine if your organisation will be affected by the EU GDPR
  2. If you will (and it’s likely that this is the case), figure out exactly how you will be affected 
  3. Understand the penalties
  4. Remember 25th May 2018 – plan a countdown timeline
  5. Establish ownership within your organisation of the process and control required for your opt-in process
  6. Define the specifics of your opt-in statement
  7. Review your privacy and cookie policies and check your consent statements are transparent
  8. Start your opt-in process – gain explicit consent from your data subject – including your current customers
  9. Get as much of your existing data as possible to opt-in to your communications via targeted campaigns
  10. Purchase data lists and get as many of these new data subjects to opt-in before the deadline
  11. Designate a Data Protection Officer, if required, or someone to take responsibility for data protection compliance and assess where this role will sit within your organisation’s structure and governance arrangements.

Some helpful resources

The ICO has helpfully published a checklist of 12 steps which businesses can take to prepare for the Regulation coming into force next May. Download the guide.

Read more about the GDPR and how it may potentially affect your marketing by downloading a handy guide from CommuniGator, one of the leading marketing automation software providers in the UK. 

Take the quick and free GDPR Essential Assessment to benchmark where your organisation is on its GDPR compliance journey.



Add your comment





intranet Modern SharePoint teamwork employee engagement digital workspace SharePoint JavaScript Windows Azure Digital Transformation staff satisfaction productivity Microsoft Teams Office 365 Yammer cms content management system agile GDPR Microsoft Graph collaboration Microsoft sharepoint 2016 upgrade migration SharePoint Online 2016 Tech Trends Digital Disruption Context marketing marketing SharePoint 2010 SharePoint 2013 TFS Git security kentico Analytics jquery QA Quality Assurance testing content management websites Sitecore sitecore marketplace sitecore module cloud Microsoft Cloud Storage digital strategy technical consulting sitecore modules Experience database Sitecore 7 Sitecore 8 support account management customer experience Data Storage cms integration front end front end development prototype Cloud Storage StorSimple Front-end Development Layout SharePoint 2013 colour palette UI design website design log viewer sitecore cms website Azure big data business-critical sharepoint accessibility android apple chrome clear people clearpeople debug emulator ios mobile testing opera resize adobe desktop flash ie10 internet explorer 10 metro windows 8 bcsp Advanced System Reporter reporting framework ControlMode form control master page placeholder publishing console SharePoint 2007 SharePoint error search search results search values software testing testing scenario audit content information architecture retention schedules PowerShell QuickLaunch scripts SharePoint server 2010 business solutions metalogix replication replicator storagepoint stena technet UK Technet picture library slideshow web part RTM released to manufacturing caml caml query MOSS 2007 query infopath