HomeInsights
GDPR and Marketing Automation

GDPR and Marketing Automation

Klas Bernehjält
Nov 2017
Klas Bernehjält
Klas Bernehjält
Planning on a whiteboard

Table of contents

How to prepare your marketing organisation

The GDPR imposes new requirements on the collection and processing of personal data. This implies a new way of thinking about data with severe consequences for organisations that do not comply. As a CMO, it is important to drive a change in attitude around data that permeates the entire organisation. The General Data Protection Regulation (GDPR ) comes into force on 25 May 2018. The directive tightens up previous rules in the Personal Data Act, and in many ways also means a whole new way of looking at personal data and its use, and the relationship with former customers, leads and other contacts.As a CMO, it's important to understand what the changes mean and to start adapting your organisation to the new way of thinking now.

Privacy by default

The basic principle of "privacy by default" is about moving away from the casual collection of personal data to collecting and storing only the personal data necessary for the specific processing. This concerns the amount of data collected, how it is processed, who has access to the data and how long it is kept. Any collection, storage and processing must have a purpose. For businesses and organisations, this means moving from thinking of data as something they own, to something they borrow, for a specific purpose and for a limited time.

Broader definition of personal data

The GDPR introduces a broader definition of "personal data". It is no longer just names, addresses, email addresses, phone numbers and the like that are affected, but anything that can be used to identify an individual, including IP addresses and cookie IDs, now counts as personal data and must be treated with the same care. This means that active consent is required for the use of cookies - which must be disabled by default until the user actively accepts that they are used and for what purpose. (However, the EU has proposed a new e-Privacy Directive which, among other things, makes it easier to use cookies to measure statistics and manage a shopping basket in e-commerce.) Marketers must also seek consent before storing and processing an individual's IP address.

Active consent

The GDPR imposes new and tougher requirements on consent. Pre-checked consent boxes are no longer allowed. Consent must be able to be given for parts of the use. And it must be as easy to withdraw consent in whole or in part as to give it.Consent must be actively given. In other words, the individual must tick a box or otherwise indicate what information they wish to receive. It must also be clear to users what they are consenting to. It must be explicitly stated what kind of information they agree to receive or what kind of use of their personal data they agree to. For example, people should be able to choose to accept cookies for login details but not for targeted advertising. The organisation also needs to document the consent and be able to demonstrate when and where the user has consented and what they have consented to.This is where your Marketing Automation setup becomes important to demonstrate that the point of entry is recorded in sufficient detail.As quick and clear as it is to give consent, it should be to withdraw it. In order not to lose contacts completely, your "Preference Centre" becomes important. Here, individuals can choose which contacts they want and which types of mailings they are open to.

Right to erasure

It must also be possible to request to be completely "forgotten" by an organisation. This means the right to erasure, in which case all personal data relating to the individual must be immediately and permanently deleted. It is therefore important that there are processes in place for the prompt processing of such a request. Also, procedures to ensure that the data is deleted in all parts of the data storage, not just in the Marketing Automation system. On the other hand, it is important to review data flows in the different systems of the company (e.g. between CRM and Marketing Automation)Also, data collected and stored before the GDPR came into force, but which lacks authorised consent, must be permanently erased. However, new consent does not need to be obtained for personal data already in the database. As long as the previously obtained consent and its revision have been documented and comply with the GDPR requirements.

Generate UTMClear All
Copy UTM
Copied!
Powered by
Want to use this UTM widget? Copy the code and install it on your site 😊.
Copied!
Copy code
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Here you can create your UTM tag:
Fill in the fields and let us create a UTM tag for you!
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Related content
See related Services, Whitepapers & Trainings
No items found.
See related training courses
No items found.

See related Services & whitepapers

No items found.
Insights
More recommended insights
Girl looking across a crooked road
4 questions about the customer journey
Oct 2023
Anton Nordström
4 questions about the customer journey
In our "ask our employees" concept, they answer questions in sales and marketing. Here Anton answers 4 questions about the customer journey.
Computer script in a room with woman
The central role of data in the age of digitalization
Sep 2023
Jenny Ferm
The central role of data in the age of digitalization
In the digital era, the importance of data is becoming increasingly apparent, especially in terms of being able to bring together, refine and build on data from different systems within the business. This means that there are requirements both for the data itself and for the systems used to create, store and make it available. Most important of all are the requirements for master data, which constitutes a description of key concepts and is used by the entire organization, such as customers, products and employees. In this era of digitalization, data and access to it becomes a crucial factor for success.
3 colleagues standing by a window talking
5 questions about working as a consultant
Aug 2023
Zakariya Muudey
5 questions about working as a consultant
In our "ask our employees" concept, they answer questions in sales and marketing. Here Zakariya answers 5 questions about working as a consultant.
Leadfront Logo
Page navigation
HomeAbout usServicesTechnologiesInsightsEventCase
Partners
Salesforce
HubSpot
Upsales
Marketo
Braze
Symplify
See all partners
Visiting address
Leadfront AB
c/o Convendum
Kungsgatan 9
111 43 Stockholm
Sweden
Map
Postal address
Leadfront AB
c/o Convendum
Kungsgatan 9
111 43 Stockholm
Sweden
Contact
hej@leadfront.com+46(0)8252352Careers
Book a meeting
An arrow to the right
Copyright ©
1999
Leadfront AB
Org.nr.559098-9066
Privacy PolicyCookie PolicyGeneral Terms
Website made by