If you’ve heard the buzz about General Data Protection Regulation, you’re either worried about what it means for your marketing practices or are burying your head in the sand, hoping it doesn’t impact you.
The fact is: despite the fact that this new policy is happening in Europe, this doesn’t mean you won’t be affected. Let’s look at what you need to know as this new data protection policy takes center stage.
In a Nutshell…
On May 25, the General Data Protection Regulation (GDPR) will start being enforced. While the US hasn’t yet set up policies to protect personal data that is used on social media and marketing platforms, GDPR will change how Vibes and many other US-based companies will be required to collect, store, and share personal consumer data.
Essentially GDPR will give data subjects of the EU more control over where and how their personal data is used, as well as how companies leverage it.
So if you have customers or contacts in the European Union, GDPR can affect you. While only 22% of US firms are concerned about GDPR’s impact on them, 80% of US companies may be affected. If found noncompliant, they could face hefty fines.
What Data Do I Need to Be Concerned With?
The fact is: any marketer with a database likely has personal data on hand that he needs to be concerned about treating in compliance with policies like GDPR, whether they yet exist in the US or not.
GDPR applies to non-EU companies (including those not established in the EU) when the data they process relates to offering goods or services (free or paid) to EU citizens, or monitoring the behavior of individuals in the European Union.
If you’re wondering how Brexit will affect GDPR, know that businesses should not expect their GDPR obligations to end when Brexit occurs in March 2019, as the British government has already proposed a new Data Protection Bill that will enshrine the basics of GDPR in British law.
Experts surmise that similar policies may land on this side of the pond in the near future, so taking precautions now can’t hurt.
Additionally, Australia, Singapore, and Switzerland are modifying current data privacy laws to be in line with GDPR.
Switzerland (non-EU member) has some additional privacy policies to adhere to if you have customers there, though they are pretty aligned with EU data privacy principles.
How Vibes is Working to Help You Navigate GDPR
Because Vibes does business internationally, we strive to stay on top of changes to data privacy policies like GDPR. When it comes to any component of our mobile engagement platform, including SMS/MMS messaging, mobile wallet, or push notifications, we’re applying GDPR rules to ensure compliance both for us and for our customers.
We have international mobile coverage with a task force to ensure compliance, as well as a process in place to be able to respond promptly to any data privacy incidents that may occur.
What Mobile Marketers Need to Know
Certainly you need to be aware of these regulations if you offer services to anyone in in Europe, but even if you don’t, adhering to the guidelines will save you a headache down the road.
In general, you shouldn’t need to stop your mobile marketing efforts, but you should review your program with your legal team to ensure you are compliant with these new rules.
Consider reviewing your processes for opt-ins with your legal team. Make sure you only collect data from individuals who have provided proper consent, for example by texting your shortcode to subscribe, clicking to add their digital loyalty data to your mobile wallet profile, or clicking “yes” to receive your push notifications or other mobile marketing communications. You should also check with your legal team to ensure you’re properly disclosing publicly how data is being used, by whom, and where so that consumers considering opting into your program can view it easily.
Have you provided an easy way to opt out, whether it’s by texting STOP to your shortcode, unsubscribing on a website, or deleting their loyalty profile? Do you send once-a-month opt-out instructions to let your contacts know they always have an option in whether they hear from your brand or not?
Our world is getting smaller. While GDPR may be primarily an EU concern, it affects all marketers globally, if only indirectly. Maintaining your own standards for processing personal data could help you stay on the good side of the law.
Disclaimer: This article does not provide legal advice. We recommend you consult your legal team for specific advice.
About the Author
Robert Charney is the Associate Director, International Business Operations at Vibes. He's passionate about creating business operations processes to increase revenue for the company. Robert considers himself a dedicated lifetime learner who maintains a cutting edge understanding of new technology and regulations.More Content by Robert Charney