GDPR and greater data rights for individuals
The 25th of May 2018 will go down in history as the day General Data Protection Regulation (GDPR) came into force, bringing data protection into line for the digital age but also giving greater data rights for individuals. However, it will also go down as the day for increased compliance responsibilities for organisations and the day that many of them became more uncertain about what they can do to market their business both successfully and legitimately.
Many had relied on a large database that they had ‘grown’ over time but had to give these up completely, or partially, (through reconsenting to mailing lists) because they could not prove they had collected that data in a legitimate manner.
In addition to this ‘loss’, the advent of GDPR was a trigger for people to make decisions on whether they still wanted to share their details with companies in the immediacy, and in the future.
This in tandem with the proliferation in data related stories will no doubt have added to the growing reluctance to personal data being shared. For example, the Cambridge Analytica-Facebook data scandal in which Cambridge Analytica harvested the personal data of millions of people’s Facebook profiles without their consent, and used this data during the EU Referendum campaign.
The result of the awareness is that it will make building a business database harder than it used to be.
So what can businesses do to once again grow their prospect database?
Four of the most popular options are below:
1. Build again in a similar way
Businesses can again collect email addresses by asking people to sign up for newsletters or share their email address in exchange for some valuable piece of content, but they need to record evidence of when and where this data came from.
Additionally, at the point of collecting the data, businesses now need to:
2. Rent Prospect data
There are agencies where businesses can rent prospect data. However, businesses must find a supplier that has a list that matches their target audience, but also carry out checks to ensure that the supplier has legitimately obtained the data.
For this to have happened the data suppliers must:
3. Build Again Using LinkedIn
When new users sign-up to join LinkedIn, they are agreeing to enter into a legally binding contract with LinkedIn.
LinkedIn record when people connect and the connection itself is consent to receiving communication through the LinkedIn platform, from both LinkedIn and other users.
This means that when you build a prospect database on LinkedIn, the database you are building is already GDPR compliant. This database can then be used for marketing purposes forever.
Businesses can create databases by using employee profiles (with their permission) to send connection messages to target prospects in order to gain new 1st connections and then engage in conversations with them.
4. Do nothing
Some businesses may be able to rely on their current client base and use word of mouth marketing to get referrals from them.
So which method should you adopt?
In today’s hypercompetitive global economy, doing nothing isn’t really an option.
Building a new database will be slower than before due to the reluctance of people to part with their personal data. Businesses need to ensure they follow the regulations, otherwise, they could find themselves in hot water with the Information Commissioner’s Office (ICO) in the future. For many businesses, growing a database the old way may be too slow or too expensive.
Renting prospect data is a quick way to access lots of data. The success of this method will be heavily reliant on finding an audience list that is relevant for your use (it can be difficult to find data that is 100% relevant) and the quality of the data could mean it’s not up-to-date. This could make the investment expensive, not only from a cost point of view (wastage due to irrelevant data) but also in terms of the time required to carry out the due diligence on the supplier from a legality point of view.
Building a database on LinkedIn is the least problematic method in terms of non-breach of GDPR rules because LinkedIn takes this responsibility on. LinkedIn has embraced GDPR, as well as complying with the basic data rights under GDPR, they are also providing its members with more control over who on the platform can access their data.
For example, in November 2018 LinkedIn added a new feature called ‘Who can see my email address’, which users can use to hide their email address from everyone on their profile if they choose to (defaults to 1st connections). Within this feature there is also an option to not include your email address in the connections download function – it defaults to no. This is the reason why email addresses have effectively been removed from the download archive.
The downside of LinkedIn is that it is not as quick as instantly renting a database (after the due diligence has been done). It requires a consistent effort to reach out to targeted contacts with a personalised connection message to ensure that the acceptance rate is as high as possible. All of this takes time.
GDPR has thrown-up numerous challenges for businesses in understanding how to stay within this new law, but also the best way to access a prospects database.
Building a database on LinkedIn is certainly the easiest way to stay compliant. It is also the most flexible solution and for many the ‘best’ long-term strategy.
The only real disadvantage it has over renting data is the time it takes businesses to create the database. However, this time can be delegated and there are specialist firms that can help you to do this, as well as helping with your prospecting.
Help with your GDPR challenges is out there…
What challenges have you faced with GDPR and prospecting?