How to Ensure GDPR doesn’t damage your customer base?
I spoke to the Office of the Information Commissioner last week to ask what impact the new General Data Protection Regulations (GDPR) and changes to The Privacy and Electronic Communications Regulations 2003, (PECR) will have on businesses selling b2b
Our business offers b2b telemarketing services to generate sales leads and we are not alone in selling business to business. Lots of organisations have multiple product lines that they sell to large numbers of corporate customers. And, companies need to evaluate the impact of GDPR and PECR on their ability to do their sales and marketing jobs. Business owners, marketing and channel managers, amongst others, need to work out how to ensure GDPR doesn’t impede their ability to work with their prospect and customer databases. They need to decide what to do.
Data protection makes sense
The interesting thing is that if you’ve been doing things right up to now, you shouldn’t have too many problems. Data protection has always been sensible. Simply put, marketing convention suggests that you shouldn’t annoy people if they clearly don’t want to hear from you. And, if you are transparent, you shouldn’t raise any issues. There are some differences such as sole traders being viewed as individuals under the Data Protection Act. However, if you’ve been doing it right thus far, chances are that, unless things change dramatically, you’ll do it right post May 2018. However, it makes sense to check.
So, what’s all the fuss about? There’s a lot of noise (and hysteria) in the marketing press about GDPR. This isn’t the blog to explain the finer points of data protection and the new regulations since there are many who are more qualified than me to do that. This blog is more related to what you need to do to help you from a marketing standpoint. Therefore, let’s look into what you should consider, regardless of GDPR, to render your business fit for purpose and to validate and build your customer database.
Is your database full of customers or contacts?
In reality, many businesses that sell to other businesses simply have a list of contacts, their phone numbers and email addresses and some notes on conversations alongside any contact and purchasing history. Some of those contacts will be actual customers. Some will have made enquiries and not bought. Some will have no knowledge of your business or services as they’re cold prospects. Some will be customer service queries and complaints.
There’s generally nothing sinister. However, if your employees do take notes, it’s important that the notes are factual and accurate and not emotive or defamatory in case of a Subject Access Request where someone requests all the information you hold on them.
If businesses manage their marketing correctly and have a legitimate interest or consent to process the data, they should be okay. Every business must hold suppression files of individuals/businesses that have asked to be taken off their marketing list (that means all channels) against which they screen future marketing communication. They should screen data against CTPS opt-outs, every 28 days, to ensure that they don’t flout the law. They also need to take care that prospect data isn’t so old as to be totally out of date. That’s bad marketing anyhow and professional businesses should have some form of data policy whereby they remove old information that is out of date and no longer relevant e.g. 6-12 months following last use. These actions are data protection basics.
However, in reality, it’s not just data protection with which marketers need to be concerned. As mentioned above, The Privacy and Electronic Communications Regulations 2003, PECR relate to:
- marketing calls, emails, texts etc.
- cookies (and similar technologies)
- keeping communications services secure and
- customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings.
Validate your data
The key thing above for outbound marketers to consider (as opposed to those that look after the business online presence) relates to marketing calls. If contacts on your database are customers, you can, of course, continue to make calls to them. However, whilst possibly unlikely for regular customers, remember that the individual is entitled to withdraw his/her consent to further marketing at any time.
Don’t let your data age
The problem comes with those customers that are on the borderline. What I mean by that is what we’ve experienced many times with clients that have large customer databases. That is where they have a large client list that they define as ‘customers’ yet the data is so old that large numbers of contacts have changed and the actual contact and/or transaction was made many years before. Or, the purchase was relatively small and the person doesn’t even remember. We’ve even undertaken campaigns contacting ‘customers’ for clients in the past with transaction dates back to 2007 and earlier. As a consequence, many of the contacts don’t even know who you are let alone consider themselves as customers.
The above example isn’t uncommon as it is hard to keep data up to date. Certainly, you can/should periodically send emails asking your contact list to refresh their information. However, it’s unlikely that most suppliers want to give their active customers the option to drop them from all communication. Note: It is a legal requirement to provide an unsubscribe option on marketing emails.
Plan ahead to keep data fresh
It’s vital to keep data clean not least from a marketing wastage point of view but also to maximise sales opportunities let alone from the legal standpoint. So what do you need to do to ensure you don’t fall foul of GDPR and new PECR rules and do irreversible damage to your customer database?
- Allocate time to profile your database now, well in advance of May 2018 when new rules come into force
- Undertake a data cleanse and validation to check that you have up to date information
- Check all email addresses using an email address checker to ensure you have accurate info and to reduce bounce rates. It will also flag gone-aways for you to follow-up
- Screen all data against the CTPS register for opt-outs.
- Note: If you have a prior existing relationship with a customer, you do not have to screen the data but take care for very old records as they may not even remember you!
- Hold a suppression file of opt-outs and make sure it works
- Undertake ‘customer care’ calls to your customers to establish and categorise their status and to tidy up your database e.g.
- Dormant customers that can be retrieved through incentives and simply through some love and attention
- Lapsed customers that have gone elsewhere (offers to tempt them back?)
- No longer trading/out of business
- Current active customers e.g. those that have traded with you in the past 12 months
- Customers where you can cross-sell/upsell
- Segment calls by value (or size) to start at those with the most potential
- Gather opt-ins to further marketing (especially relevant if you gathered their information about a particular sale and you want to offer them something completely different)
- Append data that is missing from the database
- Gather preferences for contact e.g. by email, phone etc
The above isn’t exhaustive but illustrates some of the elements that will help you along the right path. What’s more, just by making the calls, you can unearth future opportunities and build your sales pipeline all the while cleansing your database and getting your business in good shape for the new rules.
If you’d like to discuss a database project, contact us now.
Disclaimer: Nothing in this blog constitutes legal advice If you have any concerns whatsoever about Data Protection or the new PECR rules, you must seek proper advice from a legal expert and not rely on any information contained within this blog.