How marketers are tackling GDPR
With the GDPR deadline fast approaching, find out how marketers from ITV, Shell and the DMA are tackling the impact and implications of the new data protection regulation.
Right from when the General Data Protection Regulation (GDPR) was first floated there were warnings from the marketing industry that it could have a big impact on marketers ability to do their job. And just three months from the regulation coming into force, there is still plenty of debate about the implications and how marketing departments can ensure they are complying.
That debate was the subject of a discussion between Steve Forde, director of online product and marketing at ITV, John Mitchison, director of policy and compliance at the DMA and Rob French, general manager for data privacy at Shell as part of a webinar hosted by Marketing Week. You can listen to the full webinar above.
Forde believes that despite the challenges GDPR can be a massive opportunity for all businesses to work out how they are collecting, processing and holding data and to be more efficient in those areas.
“Data protection comes down to two fundamental things: transparency and control. Transparency is about what data you hold, how you hold it and how you use it; and then giving consumers controls about how they interact with you,” he explains. “Those fundamental principles haven’t changed; it has just tightened up what businesses need to do and now it is legislation rather than a directive.”
Shell’s French agrees that the new legislation is more an evolution than a revolution and admits that while it is “a lot of work for some companies”, those that have gone through the process have found it “very worthwhile”.
READ MORE: Oasis on the challenges of GDPR and the ‘right to be forgotten’
“It isn’t something [most businesses] would choose to do because it is a lot of work and resource, but it is worthwhile to fully understand the breadth of data you hold, where it is going, what third parties are using it and going right back to the basics of understanding why have we got this data, what gives us the right to hold it and what do people expect us to do with it?” he explains.
French adds that this will only work, however, if it has buy-in from across the business and all departments are engaging with each other. Companies also need to ensure they are getting advice, whether from internal legal teams or externally, and laying down formal policies and processes.
Those formal processes are key, says the DMA’s director of policy and compliance John Mitchison, with accountability key.
“[Accountability] is a new buzzword for GDPR. It is not enough to comply, you have to be able to demonstrate you comply so that if someone asks what is going on with data processes or why people are receiving marketing you can take them right back to the beginning and show the policy for what you do marketing that way, how data is stored. That level of demonstration is vital,” he explains.
Forde, French and Mitchison go on to discuss impact planning, the implications for digital media, how to take ownership of GDPR and how to forge a new value exchange with customers.
The full webinar is available to listen to at the top of the page.
For a new company, how do you start the process?