The Final Countdown

April 2018

The Final Countdown: Are You Prepared for Incoming GDPR Guidelines?

You’d be forgiven for forgetting that we’re supposedly in the midst of Spring, thanks to the recent weather. But despite what the grey skies outside might suggest, we’re rapidly approaching the Summer, and with it the introduction of the EU’s new GDPR guidelines. Are you ready for the changes that are coming?

 

What You Need to Know

Coming into effect on 25th May 2018, GDPR promises to hand back control of personal data to individuals, as well as cementing the right to be forgotten for everybody. It will re-define the relationship between businesses and their customers, with new obligations around transparency, data protection, and storage.

All of these changes mean that organisations are scrambling to update their privacy policies and secure the all-important ‘positive opt-in’ from customers (i.e. consent musn’t be assumed, but instead unquestionably confirmed) to avoid the hefty fines promised by lawmakers.

 

Who is Affected?

Any business of any shape or size who deals with any customers within the EU must comply with GDPR – so really, just about every business in the UK! Although many are hoping for Brexit to undermine GDPR’s realisation, the reality is that it changes nothing – in fact, the UK played a big role in putting together GDPR!

The changes which need to be made are particularly pertinent to marketing managers, customer relationship managers, and those processing data within a bespoke CRM solution. That’s because consent must now be secured to market to individuals using their personal data, and CRMs must be maintained in a compliant way.

 

How to Keep Your CRM Compliant

Whether you’re using an off-the-shelf product or a bespoke CRM solution, there are certain steps you can take to support your GDPR compliance as we step closer to the May launch date:

  • Firstly, it’s important to factor into your privacy policy how data is stored on your CRM, as well as what data is stored, how it is protected, and what to do in the event of a data breach. Transparency is a huge factor in GDPR, and being honest and open will ensure you’re on the right footing.
  • One of the other pillars of GDPR is consent. You’ll need to gain positive consent from each of your customers to ensure that your CRM’s marketing resources can continue to be used. Individuals who make a request to be forgotten will also need to have their request dealt with, so factoring in how your team would go about deleting information is crucial.
  • Finally, consider how long data can be stored on your CRM. In some cases, GDPR expressly outlines how long information can be stored, and you’ll need to do some introspection to see if there’s a case for keeping data long-term – such as it being needed to provide the services requested – and outline your reasons in the privacy policy.

 

You’re Not Alone

If all of that felt overwhelming, or the impending deadline for compliance is convincing you to bury your head in the sand, don’t fret: you’re not alone. Although we’ve had a while to prepare, recent research has shown that only half of UK businesses are expected to be compliant on May 25th.

Of course, it’s best to be on the right side of GDPR as soon as possible, which is why the ICO’s guide to GDPR is an invaluable (and free) tool for businesses. Following the steps outlined by the Information Commissioner’s Office will bring you up to speed with your competitors, and ensure that 25th May passes you by without incident. Good luck!

Keep your customers’ data safe with a cloud-based bespoke CRM solution designed with security in mind. To find out more about our bespoke CRM, feel free to explore our website, or get in touch with our team directly to book a free demo.