Countdown to GDPR
May 11, 2018As Global Marketing Operations leader at Infor, an enterprise software company with more than 16,000 employees and 90,000 customers, I’ve had many questions about GDPR, what it means, who is affected, and how this will change marketing. At Infor, as one of the largest suppliers of mission critical software that automates core processes for some of the world’s largest and more well-known brands, data protection, security, and compliance are central to our core mission. And our marketing activities are no different. We’ve been researching the topic for some time now and have gained a strong understanding of the short- and long-term effects.
In this blog, I will share what we’ve learned and how we are preparing to be poised for success during the transition to the new marketing world that includes GDPR.
As you may already know, GDPR stands for General Data Protection Regulation, and it is the European Union’s (EU) new regulation governing the way personal data is collected, processed, used, and stored. As we rapidly approach the May 25th deadline for global compliance, all companies that conduct business in the EU should be preparing to ensure compliance with the new regulation. From updating contracts with vendors to ensuring they are compliant to updating our internal systems to ensure we can capture and action consent or the lack thereof, I can personally tell you that it has been a busy time at Infor as we barrel towards May 25th.
While GDPR has many implications for IT, product management, legal, sales, and just about every other department of a large company, the day-to-day concerns and logistics of consent and compliance naturally lie with marketing to ensure we can continue to communicate with our prospects and customers.
GDPR’s purpose is stated as follows:
“Its aim is to strengthen the rights of data subjects within the European Union (EU) and European Economic Area (EEA) with regard to how their personal data is used and how it’s protected.”
In more consumable terms, if your job as a marketer requires you to communicate with anyone who lives in the EU or is an EU citizen regardless of location, you must be cognizant of and compliant with the laws of consent and the definition of “legitimate business interest.” Otherwise, you cannot do any outbound communication. In the context of outbound emails, progressive profiling, behavioral scoring, and call campaigns, GDPR is truly a game changer.
An organization’s marketing technology stack plays a key role in GDPR compliance. Marketing organizations must be able to receive consent information, record how and when it was collected, and the context of the consent. Doing so requires working with IT and legal to ensure marketing knows what constitutes consent, how consent information is captured, and where to store it as it relates to the contact record. At Infor, we are using Infor CRM and integrating it with our the rest of our technology stack to hold and track consent.
After the deadline of May 25th, explicit consent will be required, so the time is now to be proactively “getting consent.” Infor’s Marketing Team has been running “opt-in” campaigns to our known contact universe to collect as much consent as possible before the GDPR deadline and will continue to do so until the deadline. The key to success is to succinctly articulate the value exchange you are offering and be as specific as possible. For example, “you attended event X on date Y, we hope you liked it. We are planning more events like that, but need you to consent to be able to tell you about them after May. So, please opt-in now.”
Getting something like this right isn’t just about technology. You need to educate your teams about what GDPR is and the tools available to them. At Infor, enablement tools are being created for all employees to educate them on the importance of GDPR and how it will affect them. These enablement efforts will educate marketers on how suppression will prevent emailing contacts for whom we lack appropriate consent information. It’s critical that all marketers understand the impact of the new requirements, as well as real-life examples of how it will impact them in the future.
However, marketing isn’t the only group that has access to contact data. Ensuring that everyone at Infor avoids violating GDPR regulations requires cooperation across the organization with Infor’s corporate GDPR compliance initiatives and deep collaboration with sales and IT. Clear policies and procedures that govern how everyone is expected to act are also a necessity. Compliance needs to be an ongoing effort and not a one-off project.
GDPR compliance efforts can seem a bit overwhelming. However, it’s better to see this as a great opportunity. This new regulation will drive organizations of all types to be better — better corporate citizens, better at technology, and better marketers. With the introduction of GDPR on May 25th, marketers simply will do more of what they aspire to do best — targeted and relevant marketing campaigns. With GDPR, we have the opportunity to ask deeper questions about an individual’s preferences. It will be expected and become the new normal. As well, we will gain confidence that the people we are talking to actually want to hear from us.
There’s no doubt that May 25th will bring challenges, but it will also bring reward through greater dedication to data governance and data-driven marketing, providing growth opportunities for everyone.
Amy Auriemma leads Infor’s Global Marketing Operations. She is a US Navy veteran, three time Georgia Woman of the Year in Tech honoree, and an avid marathon runner.
To learn more, visit www.eugdpr.org