Page 17 - Moore Blatch Business Magazine edition 2
P. 17

FEATURE





                                                              obtained under the existing data protection law to decide if it is GDPR
        Additional requirements on data controllers include the following:  compliant. Where consent does not meet the new GDPR standard
        •  demonstrate compliance with the processing principle;  and the organisation wants to use consent as a basis for marketing
        •  maintain detailed records of processing activities   going forward it may need to contact its database and ask individuals
          (applicable to larger organisations)                opt-in to ongoing communication. Subscribers will also need an easy
        •  give more information to individuals about         way to opt-out of marketing communications.
          the processing of their data
        •  implement privacy by “design and default”          The higher standards for consent and the new obligation to document
        •  ensure and demonstrate that processing is          consent may mean that for contracts on existing datalists, marketers
          performed in accordance with the GDPR               may need to seek new consent which is GDPR compliant.
        •  carry out impact assessments when using new
          technology or high risk processing                  What effect do you think the transparency requirements will
        •  ensure staff process personal data on the organisation’s instructions  have on the marketing industry?
        New rights for individuals - The GDPR introduces      In terms of security, the EU’s GDPR forces marketers to improve
        new rights for data subjects these include:           transparency for data protection and storage. The legislation gives
        •  enhanced rights of subject access                  more control to individuals and consumers over how their data is
        •  erasure of data in several situations              collected, handled and processed, which also gives them the right
        •  right to prevent processing where data is          to access and remove their data.
          inaccurate, unlawful or no longer needed
        •  opt out of profiling for direct marketing purposes  What practical steps can marketing departments
        •  portability of data in a structured commonly       and marketing organisations take to comply with the
          used machine-readable format.                       new legislation?


        Increased fines - The GDPR significantly increases fines for breach   Compliance will require better data management from marketers
        of the GDPR. For controllers, fines can potentially be up to 4% of   and less unnecessary data collection. It would be beneficial to assign
        annual worldwide turnover or €20 million, whichever is greater.  someone to supervise the compliance process, making sure this
                                                              person and organisation has extensive knowledge and experience
        We spoke to Gareth Miller, managing director of award winning   in this area.
        integrated marketing communications agency Carswell Gould to
        ask him how he thought these changes would affect marketers and   Marketers will need to urgently review their privacy policies
        what practical steps they could take to prepare for the changes.  and consent requests, as well as their procedures and contracts.
                                                              Businesses also need to make sure they educate their staff on the
        Do you think that marketing organisations are sufficiently   new regulations as well as making sure there are new processes in
        prepared for the change?                              place to comply.


        Despite its introduction on 25 May 2018, many are still unaware    What effect will the extra training and compliance measures
        of it. Consequently, this means numerous businesses have not    have on the cost of marketing?
        taken any steps to prepare for the regulation which requires
        100 per cent compliance.                              The Information Commissioner’s Office (ICO) estimates it will
                                                              cost small to medium-sized businesses that use direct marketing an
        How do you think that the changes to consent will impact   extra £76,000 a year, while training marketing staff is likely to be
        marketers?                                            over £7,500.


        With the new regulation, consent must be “freely given, specific,   But with the consequences of failing to comply proving far greater,
        informed, and unambiguous”. This may require reviewing consent   businesses would do well to start getting their house in order.














         DOROTHY A GNEW                        JOHN W ARCHUS                        GARETH MILLER
         P artner, commercial                  P artner, commercial                 Managing Director
         023 8071 8078                         020 8332 8631                        Carswell Gould - carswellgould.co.uk
         dorothy.agnew@mooreblatch.com         john.warchus@mooreblatch.com         gareth@carswellgould.co.uk



                                                                                                                  16
   12   13   14   15   16   17   18   19   20   21   22