GDPR in Practice: What Happens Now? | The Typeface Group

GDPR in practice: what happens now?

It felt like that GDPR deadline was looming for months. In the week leading up to the 25 May deadline, almost all of us will have had our inboxes full of emails asking us to opt in to the various marketing lists we have joined over the years. Some may have been a surprise – Twitter was awash with comments about the companies who we didn’t even know had our details on file. So, what’s next now that GDPR in practice is well underway? Here’s a look at what the changes have meant so far and how it is affecting the way in which our data is used as consumers and also being collected as companies or marketers.

GDPR in practice for websites

One of the biggest changes brought in by GDPR in practice is the need to give explicit consent for the use of personal data. That includes permission for a company to use cookies when you are browsing on a website. Tracking tools, such as Google Analytics – allow websites to collect data on its visitors so GDPR had an important part to play here. That data is then used to personalise content, to analyse web traffic and for advertising.

So, it is now much more likely to have to check a box on a pop up to accept cookies as soon as you log on to a website. This may be a little annoying for the user but it is done with the best interests of the consumer at the heart. Your data is sacred and should be treated as such by those who you choose to share it with.

GDPR in practice for email marketing 

All those emails received before the GDPR deadline will have sorted the wheat from the chaff when it comes to which email lists you are now on. It’s highly likely that you will receive much fewer emails now, particularly ones which you have no interest in, as you should have had to give explicit consent for every company who wishes to contact you from now on.

For the company, this means a much more realistic picture of who they are communicating with. These people are more likely to be genuinely interested in what you have to say – and this should have a corresponding positive impact on statistics such as open and click rates.

For the consumer, this means the emails you do receive should be much more interesting. Hopefully, gone are the days of deleting a marketing email without even opening or reading it. If not, it’s not too late to click that unsubscribe button which still needs to be present on every email campaign a company sends out. You can change your mind and opt out at any time. Also, you now have a right to be completely ‘forgotten’ by a company – this means, under most circumstances, all data a company holds on an individual has to be deleted forever.

GDPR in practice on a daily basis

The headlines about GDPR were dominated by the large fines which could be imposed if people broke the new legislation –  420m (£17.2m) or 4% of a company’s total worldwide annual turnover – whichever is higher. Previous laws covering data protection could impose a fine of no more than £500,000. Therefore, it is important that companies take steps to prevent them from being prosecuted – and potentially held up as an example whilst the new legislation is in force.

For lots of organisations and companies, this will have a significant impact on their day-to-day practices. Transparency and the fair processing of data now has to happen as default, rather than a potential afterthought. Companies which handle a lot of personal data, for example call centres, may need to now appoint a data protection officer.

Some organisations, such as public authorities, will be required to if they had not done so prior to the introduction of GDPR. It will be their responsibility to keep records of everything they do to handle data. This includes, lists of who has opted in to being contacted and who you cannot contact need to be maintained as well as ensuring that where the data is stored is fit for purpose. For those handling particularly sensitive data, a data protection impact assessment must be drawn up and followed. Should there be a breach, it is also down to the company to notify the ICO who can investigate.

GDPR over time

Over time, what GDPR actually means will become clearer as those that fall foul make the headlines. One this is for sure that all of these changes will become the new normal, as is doing your VAT returns. Companies will benefit from cleaner data and only collect it with a clear purpose which, in term is more manageable and focused. Consumers will enjoy less white noise when it comes to marketing. We may have all been exceptionally busy in order to ensure compliance before the deadline hit us.

The team here at The Typeface Group can help with your digital marketing communications from website optimisation to email marketing – all with GDPR compliance at the centre of all we do.

Contact us…

Find out how we could move your marketing forward.