GDPR and ePrivacy briefing for marketing professionals
Our round-up and recommendations on practical steps to comply with UK and European laws
How will this guide help me and my business?
The General Data Protection Regulation came into force in all 28 countries in Europe on 25th May 2018. Despite Brexit, the legal requirements of GDPR are still in force, so companies should check compliance to reduce risk of fines or enforcement action. Brexit has also triggered a review of the law related to data transfer between the European Community and the UK which should be considered by marketers.
Digital marketing using websites, email and texts are also subject to the ePrivacy initiative which is currently being updated. We also explain the requirements of the relevant law in this report.
As well as explaining the principles of these regulations, we also give examples of how businesses must explain and obtain consent for new and existing prospects and customers who subscribe to their email lists and are stored within CRM and other systems.
What our GDPR briefing shows you
Our briefing will help you:
- Learn the concepts and guidance of the GDPR and how you need to respond and when.
- Understand the context of GDPR, explaining differences to previous data protection legislation and relating it other laws such as the update to the ePrivacy directive/Privacy and Electronic Communications Regulations (PECR) which will come into force in the future.
- Prioritise actions you need to take to prepare and implement your solution.
- Get practical recommendations on how you need to update your data collection forms, privacy statements and re-consent.
- Review examples of forms and statements companies have used to gain consent.
Who is this guide for?
GDPR affects all businesses that market to customers in the UK and Europe.
This guide is aimed at anyone responsible for customer data, communications and legal compliance for communications. This includes:
- Business owners and directors who have legal responsibility to comply
- Senior marketing managers such as CMOs, heads of marketing and brand managers
- Marketers involved with implementing GDPR, i.e. campaign and email marketing managers and execs
- Those specifically responsible for data protection compliance
- GDPR affects companies based in the EU but also companies outside of the EU that have customers (or personal data) within the EU
How is this resource structured?
The guide contains practical information to help you understand GDPR and implement anything required before it comes into force. The sections in the guide are:
- Introduction
- Background
- What’s coming
- ePrivacy/PECR and electronic marketing
- GDPR for marketers
- Practical steps for your GDPR programme
- Examples of re-consent emails
- Gaining consent for use of online advertising
- Examples of forms and privacy statements
- Useful sites
Latest updates
- Updated information about GDPR enforcement actions
- Ongoing post-Brexit changes related to GDPR
- The update to the ePrivacy initiative and its requirements
- The implications of the ‘cookieless future’
Resource Details
- Authors: Kim Greenop-Gadsby produced the original version of this guide, and Steve Henderson and Nick Crawford have provided more recent updates.
- Format: Online long-form containing the latest information on GDPR interpretation and actionable strategy recommendations
About the authors
Nick Crawford
A CRM, direct marketing and automation consultant with a specialism in email, Nick Crawford’s mission is to help businesses win and retain customers with relevant and engaging marketing.
Drawing on over 15 years agency and client side delivery experience across B2C and B2B, Nick created Twist Consultancy providing data-driven marketing and strategic planning to improve how brands connect to people.
An elected member of the DMA Email council and legal hub and IDM Tutor, Nick supports fellow practitioners across all things email from deliverability to testing to compliance.
Steve Henderson
Steve Henderson is the Compliance Officer for Communicator. With over a decade’s experience in email, he is an expert on the impact of the GDPR and ePrivacy on the email marketing industry. Steve sits on the UK DMA Email Council, chairs the Legal Hub of the DMA Email Council, belongs to the CIPP/E, the CIPT and has been awarded the IAPP Fellow of Information Privacy. When not talking about email, Steve enjoys TaekwonDo and gin. Steve edited the second version of this guide published in March 2018.
Kim Greenop-Gadsby
Kim Greenop-Gadsby is the Email Marketing Manager for Smart Insights. She manages all of Smart Insights email marketing and their automation platform. She gets very excited about all things email because she is #EmailGeekUK. Kim was born and bred in South Africa and has over 16 years experience in web development and digital marketing. When she is not being an email geek, she spends her time with her husband, two sons and their menagerie of pets.