background preloader

GDPR , Direct Marketing, First Engagement , CRM

Facebook Twitter

GDPR - Article 21 , Recital 47 , Recital 70

Recital 47
The processing of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest.



Recital 70
Where personal data are processed for the purposes of direct marketing, the data subject should have the right to object to such processing, including profiling to the extent that it is related to such direct marketing, whether with regard to initial or further processing, at any time and free of charge

Article 21
Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.

Where the data subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes. Contextual targeting offers solution to strict GDPR regulations. Programmatic online advertising will not cease to exist because of the GDPR or the proposed ePrivacy Directive.

Contextual targeting offers solution to strict GDPR regulations

Personally-identifiable information (PII) may seem essential to digital advertising, but it is not the only way to target a relevant audience. Targeting based on context was a reliable method for decades before we came to rely on collecting and cross-referencing vast amounts of intrusive data. Analysis of the marketing material released by DSPs listed on the Display Lumascape shows that it will be possible for advertisers to reach audiences despite the GDPR and ePrivacy Directive.

DSPs are already able to target based on content and context. * Brandscreen was reported as having again been placed in administration in late-2016 and we could find no clear information on its current status. Whether DSPs implement their own solutions for contextual targeting or use external partners, forthcoming EU regulations will not mean the end of programmatic advertising. 11 steps to your consent and permissions. Fast.MAP and the Institute of Fundraising have published a new guide for charity fundraisers and marketers, offering a step-by-step approach to securing compliant consent and permissions.

11 steps to your consent and permissions

The guide is published as charities take action to be compliant with the General Data Protection Regulation (GDPR), and following fines levied by the Information Commissioner’s Office (ICO) on 13 large charities for misuse of personal data. David Cole, MD of fast.MAP, explains in the introduction to the 13-page guide: “‘Consent’ is now the new front line for marketing and the implications for every charity are far more profound than a change to a tick-box or a data structure.” He added that the guide’s function is “to inspire, rather than be prescriptive, because each charity, when embracing consent, will plot their own path.”

GDPR awareness, readiness and compliance in the US, UK and Belgium. The GDPR (General Data Protection Regulation) represents a massive change in personal data protection and privacy.

GDPR awareness, readiness and compliance in the US, UK and Belgium

In combination with the ePrivacy Regulation it is changing the EU privacy and security landscape completely. While the GDPR text has been published, the ePrivacy Regulation isn’t final yet. However, achieving GDPR compliance is a massive task and time runs out. Companies across the globe who process personal data of EU ‘data subjects’ (as the GDPR impacts them too) are taking measures. Yet, we often hear how many aren’t prepared at all. What the ICO guidance on GDPR says, and what we think about it. Since the Information Commissioner’s Office (ICO) announced its plans for general data protection regulation (GDPR) guidance earlier this year, I have no doubt that fundraisers and those involved in direct marketing in charities have been waiting with bated breath to see what the ICO’s interpretation of the new regulation is, and what it will require.

What the ICO guidance on GDPR says, and what we think about it

The first piece of detailed guidance was published at the start of March for a four-week consultation, and focuses on consent under the GDPR. It’s not just about fundraising As Kristy Weakley at Civil Society rightly says, while the GDPR has mostly been at the top of fundraisers’ agenda, the changes won’t just apply to fundraising. They will apply to all pieces of personal data collected, processed and stored: so also to marketing, campaigning, communications, volunteering and beneficiary databases. The basic concept of consent, and its main role as a lawful condition for processing, is not new. A lack of clear guidance over the EU's General Data Protection Regulation (GDPR) is stifling businesses ability to prepare for it.

The lugubrious ticking of my internal GDPR Doomsday Clock struck a minute closer to midnight last week.

A lack of clear guidance over the EU's General Data Protection Regulation (GDPR) is stifling businesses ability to prepare for it

Tick, it chimed: “only 5 per cent of marketers fully understand what the GDPR means for their business.” Tock, it said: “50 per cent say they don’t really understand it at all, or [literally] don’t know.” The Chartered Institute of Marketing (CIM) drop a statistical A-bomb in my inbox, and all hope of anyone making sense of the biggest ever overhaul of data regulation, is gone. It’s becoming painfully clear that many businesses – whether marketers or else – have neither the time, resources or know-how to deal with the EU’s General Data Protection Regulation.

Implementation is 431 days away, and yet, the CIM/ YouGov poll finds just 11 per cent of businesses already have systems in place to ensure compliance. There’s too much else happening. Prepare your business for changes to the ePrivacy rules - or face hefty fines - Marketing Tech News. Does the start of Brexit mean marketers are off the hook with GDPR? - Digital Doughnut.

The EU GDPR comes into play in just over a year, and many businesses are not yet compliant, make sure you understand the effect Brexit will have on all this....

Does the start of Brexit mean marketers are off the hook with GDPR? - Digital Doughnut

If you live in Europe, you would have had to try really hard not to hear the news that the UK has started the exit process from the European Union on the 29th March 2017. Though I’m pretty sure that this historic action made it to news sites globally! ICO Issues Fine for Marketing Emails Disguised as Service Messages. The Information Commissioner’s Office (ICO) has issued a £70,000 fine against Flybe and a £13,000 fine against Honda Motor Europe Ltd for breaching Regulation 22 of the Privacy and Electronic Communications Regulations (PECR) by sending emails requesting individuals to update their marketing preferences.

ICO Issues Fine for Marketing Emails Disguised as Service Messages

The two cases confirm that: the interpretation by the ICO of what constitutes “marketing material” is very wide; andthe ICO will take enforcement action against organisations that seek to circumvent the rules on direct marketing by disguising marketing messages as service messages. Flybe sent emails with the subject line “Are your details correct?” And advised individuals to update out-of-date information and marketing preferences. The emails were sent to over 3 million individuals who had opted out of marketing messages.

On the other hand, Honda sent emails titled “Would you like to hear from Honda?” This is potentially a significant area of future enforcement by the ICO. GDPR: What does it mean for US digital startups in Europe? — ATLANTIC LEAP. A survey of large American multinationals by PwC revealed that 71% of respondents have already begun preparing for GDPR by assessing two things: the gap between their current data protection practice and the requirements of GDPR, and discovering the data they already hold, of which over half is likely to be unknown to the business itself. 54% have begun de-identifying their European data by deleting or masking elements of the personal data they hold.

GDPR: What does it mean for US digital startups in Europe? — ATLANTIC LEAP

US businesses with existing EU operations will also have to make changes to their data protection practice, almost as if they’re starting over - so the next section will serve as a guideline for them too. My business wants to expand into mainland Europe. How do I comply with GDPR? These four elements will stand US businesses with EU operations in good stead for May 2018: Don’t forget the website. The GDPR and Why Digital Marketing Will Never be the Same - OpenText Blogs.

We know that the General Data Protection Regulation is giving Compliance and IT some heartburn as these teams work to understand the GDPR’s new requirements and how it will affect their organizations.

The GDPR and Why Digital Marketing Will Never be the Same - OpenText Blogs

But perhaps the biggest impact will be to Marketing; specifically digital marketing, which will require a cultural shift that presents challenges, but for smart organizations, opportunities to succeed as well. Consent is king The days of implied, sneaky, and bundled consent are gone. Starting in May 2018, brands have to collect active consent that is “freely given, specific, informed and unambiguous” to be compliant with GDPR. Someone provided their email address to download a whitepaper? RNLI's first opt-in appeal trebles response rate. Tim Willett, head of funding strategy at the charity, says the summer fundraiser had a response rate of 32.8 per cent, compared with 10.4 per cent in 2015 The RNLI trebled its response rate and average donation from supporters when it experimented with its first fundraising appeal in which it marketed only to people who had opted to receive communications, according to Tim Willett, head of funding strategy at the charity.

RNLI's first opt-in appeal trebles response rate

In an interview with Third Sector, Willett said the RNLI, which has spent the past year moving to an opt-in system of communications, wanted to test the theory that marketing to a smaller pool of highly engaged donors would generate better results than fundraising from all of the charity’s supporters. When it did this with its annual summer fundraising appeal, the response rate was 32.8 per cent – more than triple the 10.4 per cent rate the charity achieved in 2015.

Fundraising & Regulatory Compliance Conference 2017. Why charities need to be prepared for GDPR. What is GDPR? From 25th May 2018 ‘The General Data Protection Regulation’ (GDPR) will apply to all charities and businesses in the UK. GDPR differs from the Data Protection Act and places stricter rules on how data is collected, maintained and processed. GDPR will also extend the definition of ‘personal data’ to include not only traditional manual records, but new online sources too, such as an IP address, where consent to store and use data is much harder to obtain. Charities will need to ensure that they clearly affirm that consent has been obtained or there is a risk of substantial fines. Most Read IRIS Articles of the Week (March 20 - 24) Here’s a look at the Top 11 Most Viewed Articles of the Week on IRIS.xyz, March 20 - 24, 2017 Click the headline to read the full article. Enjoy! 1.

What Marketers Need to Know About the EU's New Data Protection Rules - eMarketer. Scott MeyerCEO and Co-FounderEvidon The European Union’s General Data Protection Regulation (GDPR) was put in place to standardize existing laws that call for transparency in how companies collect and store personal data about EU citizens. eMarketer’s Sean Creamer spoke with Scott Meyer, CEO and co-founder of Evidon, and Todd Ruback, the compliance services company’s chief privacy officer and vice president of legal, about what the GDPR will mean for marketers from outside the EU when it goes into effect on May 25, 2018. GDPR: What do you need to know? - Information Age. GDPR requires a top-down approach with board level recognition and sponsorship. A project team should be formed that represents the whole of a company and all its major departments. Cancer Research UK aims to be GDPR compliant by July - DecisionMarketing. Cancer Research UK is aiming to steal a march on its rival charities – and brand owners alike – by launching a major marketing campaign designed to get its database compliant with the new EU data protection laws at least 10 months before the May 2018 deadline.

The campaign, which launched in The Sunday Times, urges supporters to give the charity explicit consent to contact them, under the strapline: “Your tick helps us beat cancer soon” and urges consumers to visit cruk.org/justatick to complete the process. The text reads: “Right now, your tick is one of the most important tools in the fight against cancer. How Channel 4 is preparing its 15m registered viewers for new European data laws. The European Union’s new General Data Protection Regulations don’t go into effect until next May, but already they’re having an impact on how publishers must think about data. This is especially apparent at Channel 4, which has set up a 12-person team to focus on making its audience data collection compliant with the new rules. GDPR - GDPR in practice - B2B emails and consent. Dogs Trust introduces consent platform to capture supporter preferences.

Dogs Trust has partnered with MyLife Digital and Wood for Trees to launch a cloud-based consent platform that will enable it to capture and manage supporter preferences, and meet legislative requirements associated with the upcoming GDPR. The UK’s most infamous data breaches. IP addresses and personal data: Did CJEU ask the right questions? GDPR Is The Antidote To Every Email Marketer's Worst Nightmare. A favourite game of mine is to ask people which is the first draconian law from Brussels they are hoping to soon see the back of when Brexit becomes a reality. Will poor data quality jeopardise GDPR compliance? GDPR: Data Protection - Compliance is not enough. Facebook's data transfer arrangements face legal challenge in Irish court. John Lewis fined over spam emails. Department store chain John Lewis has been ordered to pay damages after being successfully prosecuted over the dissemination of unsolicited spam emails.

According to a report by Sky News, the case, brought against the retailer by Sky News producer Roddy Mansfield, could have significant repercussions for online marketers with a wave of similar privacy rulings now expected. Existing EU legislation bans businesses from promoting their wares through marketing emails unless it can be proven that the recipient consented to them or was a customer – with John Lewis unable to satisfy either requirement. A Brief Refresher on Spam Laws, Email Marketing and Compliance.

As each year marches past, governments are becoming more and more restrictive about unsolicited email. The Ultimate Guide to International Email Law [Infographic] – Litmus Software, Inc. The new ePrivacy Regulation: how will it impact your business? - Articles - Olswang LLP. What are PECR? GDPR: What Europe’s New Privacy Law Means for Email Marketers – Litmus Software, Inc. “Would you like us to email you a receipt?” Information Law Solutions Consultancy Glasgow, UK. Chapter 7: Lawful basis for processing – Unlocking the EU General Data Protection Regulation. The perfect CRM system for GDPR compliance - Data Protection People. Electronic mail marketing.

Olswang Webinar catch up: GDPR AND THE RETAIL INDUSTRY. GDPR: What Europe’s New Privacy Law Means for Email Marketers – Litmus Software, Inc. The GDPR PPI Paradox. Personal data processing for marketing purpose under the new GDPR: consent v legitimate interest and Recital 47 – first thoughts. 3 tips: Steal my GDPR action plan. Fundraising Week: Charities will be able to use opt-out systems under new EU data rules, says John Mitchison. Direct marketing guidance.

Opt-In Laws in North America and Europe. Your email marketing and anti-spam law. Every B2B marketers holy PECR is on the chopping block - CommuniGator Ltd. EU DPR agreed. GDPR: Data Protection - Compliance is not enough. Worst ePrivacy B2B fears averted. B2B marketing and the GDPR. GDPR - Direct marketing as a legitimate interest. Cpbuk.co.uk How The GDPR Will Affect B2B Marketing - cpbuk.co.uk. Can I still market to my current contact base after the GDPR? - CommuniGator Ltd.