7 Replies Latest reply on Jan 23, 2018 1:08 AM by Macarena Mazzeo

    GDPR summarised in 5 key points

    Macarena Mazzeo

      Hi All,

       

      Below 5 key points that summarise very good the impact of the GDPR (taken from SiriusDecisions: https://marketplace.siriusdecisions.com/Blogs/GDPRIsComing5MarketingAutomationPitfalls):

       

      1. MAP "data management campaigns.” Although marketing automation has encouraged systematic data embellishment and “use your data to create new data,” companies must now ensure all such activity is declared. Data from the past will need to be audited, and marketers are responsible for future updates and the outputs of any new or existing automated procedures.
      2. Reverse IP tracking. As marketing automation has found its pivotal and permanent place in the hearts of our businesses, reverse IP tracking has become part and parcel of everyday prospecting. Before GDPR, this was somewhat of a gray area – but now it's crystal clear. Marketers must seek consent before storing and processing an individual’s IP address.
      3. Lead scoring. Scoring programs provide marketers with ready-made segmentation and an engine to automatically send leads to sales. In GDPR terms, this type of processing constitutes profiling, and marketers must have consent to do it. Across the aisle in sales, propensity-to-buy calculations may also be hard at work in a sales force automation system. If this is used to profile for followup then, once again, permission must be granted.
      4. Reactivation programs. Marketers regularly seek to jump-start old databases by running reactivation programs for individuals inactive for months or even years. Unfortunately, under GDPR, individuals who have not opted in recently to communications cannot be contacted in this way.
      5. Record disposal. Finally, something outside of all marketers' comfort zone. If you do not have consent to store and process an individual's data, you must delete what you have. This applies to records accumulated over time but lacking opt-in, as well as to individuals who withdraw consent.

       

      Hopes these helps everyone.

       

      Thanks!

        • Re: GDPR summarised in 5 key points
          Dan Stevens.

          Boy, I wish these were just scare tactics - but they're not.  These points are close to becoming reality for the majority of digital marketers.  I guess our only hope is with the ePrivacy Directive - which is currently working on some revisions/recommendations to GDPR that relate specifically to digital marketing.  Unfortunately, these recommendations may not be available until 2019, well after GDPR is in full force.

          • Re: GDPR summarised in 5 key points
            Darrell Alfonso

            this is great thank you!

             

            i've never heard the lead scoring one before. I feel like that is a little much.

             

            Dan Stevens. what do you think about the lead scoring = profiling and we must have consent?

              • Re: GDPR summarised in 5 key points
                Dan Stevens

                Hi Darrell - it seems like each day, I learn of more restrictions that will be needed to comply with GDPR.  It's as if we all need to do a cease and desist when it comes to full-scale digital marketing.  With our hands tied like this, how can we do it effectively?  Even if we have opt-in consent to email (which is a best-practice anyway), there are additional restrictions on how we can use the data, how long we can retain it, how we have to honor the rights of the data subjects, etc.  Email isn't even a primary channel for us anymore, given how difficult it is to actually make it to the user's inbox; and all of the false-positives as a result of link scanning by the email servers.

                 

                It's actually the cookie consent that has me most worried.  Who in their right mind thinks that website visitors are going to take the time and provide cookie consent for every website they visit (or give explicit consent to marketers to be able to track other engagement, like email opens.  I'm at a loss.  And if I were Marketo or any other marketing platform, I'd be really worried.  Most of the capabilities of what brings value to their service/software is going to have to be disabled - until proper consent is achieved.

                 

                Here's some additional food for thought - specifically around cookie consent (see some of my comments in this thread);

                Re: GDPR

                GDPR and Hidden Fields

              • Re: GDPR summarised in 5 key points
                Amy Connor

                This is heavy stuff. I don't understand #1, can someone elaborate?

                  • Re: GDPR summarised in 5 key points
                    Justin Laberge

                    Amy Connor wrote:

                     

                    This is heavy stuff. I don't understand #1, can someone elaborate?

                    1. MAP "data management campaigns.” Although marketing automation has encouraged systematic data embellishment and “use your data to create new data,” companies must now ensure all such activity is declared. Data from the past will need to be audited, and marketers are responsible for future updates and the outputs of any new or existing automated procedures.

                    It basically looks like you're going to need to create a document that outlines how you handle the data once the user has given consent. Basically, what are you going to be doing with this information once they've allowed you to use it?

                     

                    Likely a best practice type thing, if you've documented your sales funnel at all, I'm sure that's a decent starting point.

                  • Re: GDPR summarised in 5 key points
                    Amy Connor

                    Also, one thing I'm really not clear about is whether the email consent applies to 1:1 emails (from someone in Sales) or just marketing emails. Any thoughts?